Amali Perera
Reputation: 125
PHP logout of 10 mins inactivity fails
code part of Login.php
else if( ($row['Password'] == md5($pass)) ){
$_SESSION['user'] = $row['FName'];
$_SESSION['last_activity'] = time();
header("Location: welcome.php");
}
Whole code of welcome.php
<?php
session_start();
if( !isset($_SESSION['user']) ){ //session verification
header("Location: login.php");
}
else{
echo "Welcome, ". $_SESSION['user']. "<br>";
echo "<a href='logout.php'> Logout </a>";
}
if( $_SESSION['last_activity'] < (time() - 600) ){ //time in seconds, 10 minutes
session_destroy();
header("Location: login.php");
exit;
}
else{
$_SESSION['last_activity'] = time();
}
?>
Question: Even I refresh the page after 10 minutes, welcome.php page kept logged in. What is wrong? Thanks
Upvotes: 0
Views: 60
Answers (1)
Yusuf Y.
Reputation: 84
Try this;
$last_activity = time() - $_SESSION['last_activity'];
if( $last_activity >= 600 ){ //time in seconds, 10 minutes
session_destroy();
header("Location: login.php");
exit();
}
Upvotes: 1
Related Questions
- How can I prevent SQL injection in PHP?
- How do you parse and process HTML/XML in PHP?
- Deleting an element from an array in PHP
- Reference Guide: What does this symbol mean in PHP? (PHP Syntax)
- startsWith() and endsWith() functions in PHP
- How does PHP 'foreach' actually work?
- Enumerations on PHP
- How do I get PHP errors to display?
- Why shouldn't I use mysql_* functions in PHP?
- Error while destroying session in PHP