user3542456
Reputation:
Issues with my timeout script
I'm running a script that will destroy a user's session after a certain amount of inactive time. However, it's not running correctly. Can someone explain to me what I'm doing wrong?
<?php
require("../includes/header.php");
$expire = time();
echo $expire ."<br>";
if(!isset($_SESSION["expire"]) < ($expire + 30)){
setcookie("User", $_SESSION["user"], 30);
echo "Welcome " .$_SESSION["user"];
$_SESSION["expire"] = $expire;
}
elseif($_SESSION["expire"] > ($expire + 30)){
unset($_COOKIE["User"]);
session_unset();
session_destroy();
header("Location: logged_out.php");
}
?>
Upvotes: 0
Views: 20
Answers (1)
John Conde
Reputation: 219894
$expire will always equal $_SESSION["expire"] because you set $_SESSION["expire"] equal to $expire at the top of the page and never change their values.
Set $_SESSION["expire"] after you validate the user. Also, your logic seems to be incorrect:
<?php
require("../includes/header.php");
$now = time();
$expires = $_SESSION["expire"] + 30;
if(!isset($_SESSION["expire"]) || $expires > $now){
setcookie("User", $_SESSION["user"], 30);
echo "Welcome " .$_SESSION["user"];
$_SESSION["expire"] = $now;
}
else {
unset($_COOKIE["User"]);
session_unset();
session_destroy();
header("Location: logged_out.php");
}
?>
Upvotes: 3
Related Questions
- Session timeouts in PHP: best practices
- Session timeout using ini_set
- Restart session upon timeout in PHP
- PHP session timeout issue
- setting up Session Timeout PHP
- Issue with session timeout
- Php sessiontimeout problems
- Session Timeout - Cookies / PHP
- php scripts logout too quickly
- PHP Session timeout, problem with code