0

I have a homepage the user logins in too with this php code: 

 <?php
    session_start();
    $username= $_SESSION['username'];

    if($_SESSION['username'] == "")
    {
        header("Location: http://new_system/");
    }

    require "connection.php";

    $result= mysqli_query($conn,"SELECT * FROM users WHERE username = '$username'");
    $row = mysqli_fetch_row($result);
    $firstname = $row[0];
    $lastname= $row[1];
    $email = $row[2];
    $birthday = $row[4];
    $gender = $row[5];
    $path = $row[8];


    ?>

I tried adding this

$_SESSION["timeout"] = time()+ (0*1*0*0);

So it logs out after a day but it didn't work, can anyone tell me why. I put it under the if statement for session

LF00
  • 27,015
  • 29
  • 156
  • 295
jasy
  • 45
  • 2
  • 8
  • 1
    `SESSIONS` only last for 24 minutes (1440 seconds), you have to change settings in your `PHP.ini` file to get a longer `SESSION` timeout, look at this page for more information: http://php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime – Jack Hales Jan 07 '17 at 12:49
  • Mine kept me logged in for 4 days now, I just wanted to make it one day instead of four. @Jek – jasy Jan 07 '17 at 12:51
  • If you look here http://stackoverflow.com/a/1516283/5782416 you can see that if you have other settings in your `PHP.ini`, it lasts till your browser is closed, is that what happened? – Jack Hales Jan 07 '17 at 12:53
  • I guess I didnt close my browser, but I just noticed that I have to logout for my session to be destroyed, is there no code I could put to make it one day only? – jasy Jan 07 '17 at 12:55
  • There is as the answers have provided, was just making sure you knew before you asked **:')** – Jack Hales Jan 07 '17 at 12:56

3 Answers3

3

Try this Code.

 $inactive = 60*60*24;
if( !isset($_SESSION['timeout']) )
$_SESSION['timeout'] = time() + $inactive; 

$session_life = time() - $_SESSION['timeout'];

if($session_life > $inactive)
{  session_destroy(); header("Location:index.php");     }

$_SESSION['timeout']=time();
BalaMurugan.N
  • 120
  • 1
  • 1
  • 10
1
$_SESSION["timeout"] = time()+ (0*1*0*0);

Is incorrect Multiplying any number by zero (0) is zero (0)

Change to something like this For 10 minutes 10 * 60

For 24 hrs ( a day) 24 * 60 * 60

$_SESSION["timeout"] = time()+ (24 * 60 * 60);

You can echo it out to see the difference

smartnet
  • 87
  • 4
0

You have also too set the cookie timeout. For the cookie default is the window session, when you close the browser, the cookie times out. the session_id is saved in the cookie, when the cookie expires, the session also expires.

LF00
  • 27,015
  • 29
  • 156
  • 295