oh, i forgot to mention, i create new session id on
each login, and pass it on in the url, something like
/page.php?sess=$sess_id
If you want, you could also assign the user's ip with the current session
for a little higher security, i havent bothered as i feel this is safe
enough.
/Martin
-Original Message-
From: Martin Lindhe
Sent: Wednesday, September 12, 2001 5:34 PM
To: [EMAIL PROTECTED]
Subject: RE: [PHP] how to set session expiration
hello everyone,
how can i set the expiration of my sessions with or without
the cookies enabled? say if a user idles for some time, the
session will now expire.
TIA!
jessie
I'm using a solition that's something like this:
first, each time a user logs in to the site, a timestamp is added
to his user entry in the database.
then, at top of each page view, you call a function like this
$username=getUserName($db_handle,$sess_id); //$sess_id is my
own created 30
char-random letter string
if(!$username) { echo You're not logged in, die!; die; }
This function returns the username assigned with the current
session id,
and also checks wether last timestamp is older than X
minutes, if it's not,
it updates it, if it is, it throws the user out.
Here's the function (60*20 gives user max 20 minutes time of
idling, then
he/she must log in again):
--snip--
function getUserName($db,$sessionID) {
$query_idd = mysql_query(SELECT * FROM tblUsers WHERE
ID='$sessionID', $db);
if (mysql_num_rows($query_idd) == 0) {
return ;
} else {
$row = mysql_fetch_array($query_idd);
$diff = time() - $row[lastlogin];
if ($diff (60*20) ) { echo Connection timed outbr;
die; }
$newstamp = time();
$updatestamp = mysql_query(UPDATE tblUsers SET
lastlogin='$newstamp' WHERE username='.$row[username].', $db);
return $row[username];
}
}
--snip--
and here's the function i use to create a random id:
function getRandomID($db,$table) {
srand((double)microtime()*100);
do {
$b=;
for($a=0; $a30; $a++) {
$tmp=rand(0,2);
switch($tmp) {
case 0: $b.=chr(rand(97,122));
break; //a-z
case 1: $b.=chr(rand(65, 90));
break; //A-Z
case 2: $b.=chr(rand(48, 57));
break; //0-9
}
}
} while (mysql_query(SELECT * FROM .$table. WHERE
ID='$b',$db)===TRUE);
return $b;
}
hope this helps!
/Martin
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail:
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]