On Friday 03 October 2003 01:59, Jeff McKeon wrote: > So when a user logs in you write a user_id and datestamp to a field in > your sessions table. Every time the person accesses a page you update > the datestamp in that record. Then you run a function that checks every > X minutes if the timestamp is older than X minutes and if so you log the > person out? Is this correct?
Wrong order. First, check whether timestamp is past it's sell by date, if so destroy the session then redirect them to the login page, otherwise refresh the timestamp. > How exactly do you log them out? By > issuing a command to clear the session variables saved during login, > thus causing function on each page that checks for valid login to fail? Yes. session_destroy(). -- Jason Wong -> Gremlins Associates -> www.gremlins.biz Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * ------------------------------------------ Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general ------------------------------------------ /* "How do I love thee? My accumulator overflows." */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
