1

I have a script to protect the webpages so that only registered member of my site access certain pages say i call that memberprotect.php and in that file itself i am adding an script that will keep the sesion active for 360 seconds and if the webpage is inactive for more that 360 seconds i want to redirect the page to logintimeout.php. but my problem is the script automatically taking the member page to loin.php instead of logintimeout.php pls help or sugest what i should do . pasting the entire script below

 <? 
 session_start();
 // set timeout period in seconds
 $inactive = 360;
 // check to see if $_SESSION['timeout'] is set
 if(isset($_SESSION['timeout']) ) {
$session_life = time() - $_SESSION['timeout'];
if($session_life > $inactive)
    { session_destroy(); 
 header('Location:logintimeout.php'); }
}
$_SESSION['timeout'] = time();
if(!session_is_registered(myusername))
{
header('location:login.php');
}
?>
shijumax
  • 13
  • 5
  • Why using session_is_registered (obsolete function since php5.3)? How do you set myusername in the session? Also you should use – sglessard Feb 01 '13 at 16:38

1 Answers1

0

When you issue a location header, you should stop the script from executing any further. For example:

<?php
header("location:http://www.google.co.uk/");
exit();
?>
Tom
  • 843
  • 7
  • 12
  • i cannot exit the script because i am including the timeout script in the memberprotect script which by default protects the member area by diverting them to login.php. but if my sesion is timed out then i want to redirect to logintimeout.php if i set exit then the script will not check for member protect – shijumax Feb 01 '13 at 16:49
  • I don't really follow what you have included where... but if you can't exit immediately after setting the location header, set a location to a variable instead. Then, later in your script, check if that variable is set - if it is, exit. – Tom Feb 01 '13 at 17:25
  • putting exit(); inside the flower brackets solved my problem now both my memberprotect and my timeout scripts works from a same file. thanks if($session_life > $inactive) { session_destroy(); header('Location:logintimeout.php'); exit(); } } $_SESSION['timeout'] = time(); – shijumax Feb 02 '13 at 07:59