When you go to this page; http://www.ctuchicago.com/registration/login.php
you will see the form that I made. I want to create a session if username and password is true than I wanna set a 20 minutes expire time for it. How can I do it ?
my check.php
$user = $_POST['user'];
$pass = $_POST['pass'];
$ruser = "a";
$rpass = "b";
if ($user == $ruser) {
$logn = "True";
} else {
$logn = "False";
}
if ($pass == $rpass) {
$logs = "True";
} else {
$logs = "False";
}
if ($logn == "False" && $logs == "False") {
echo '<script type="text/javascript">alert("The Username and The Password are both wrong ! Please check your information and try again.");history.go(-1);</script>';
} elseif ($logn == "True" && $logs == "False") {
echo '<script type="text/javascript">alert("The Username is True but something is wrong with the password you entered. Please check your information and try again.");history.go(-1);</script>';
} elseif ($logn == "False" && $logs == "True") {
echo '<script type=开发者_JAVA技巧"text/javascript">alert("The Password is True but something is wrong with the password you entered. Please check your information and try again.");history.go(-1);</script>';
} else {
$_SESSION['valid'] = "1";
echo '<script type="text/javascript">window.location = "http://www.ctuchicago.com/registration"</script>';
}
my index.php (this page I want to be login required.
if ($_SESSION['valid']) {
echo '<script type="text/javascript">window.location = "http://www.ctuchicago.com/registration/login.php"</script>';
} else { Code }
Thank You
According to http://prajapatinilesh.wordpress.com/2009/01/14/manually-set-php-session-timeout-php-session/
ini_set(’session.gc_maxlifetime’, 20*60);
Have you considered using a [client side] cookie that expires in 20 minutes ? then whenever the page is (re)loaded, check for the cookie, invalidate the session if the cookie is invalid/expired.
See How do I expire a session after 30 minutes
EDIT
Basically what you are doing is creating your own session timeout function. When you hit the page you look for a variable you set in $_SESSION
lets call it $_SESSION['started']
. If you don't find that variable then you create it and give the value of the current timestamp. What you do then is every time you load a new page, you compare the $_SESSION['started']
variable with the time now and if it exceeds 20 minutes then you expire log the user out or do whatever you need to do.
精彩评论