0

When you go to this page; http://www.ctuchicago.com/registration/login.php

you will see the form that I made. I want to create a session if username and password is true than I wanna set a 20 minutes expire time for it. How can I do it ?

my check.php

$user = $_POST['user'];
$pass = $_POST['pass'];

$ruser = "a";
$rpass = "b";

if ($user == $ruser) {
 $logn = "True"; 
} else {
 $logn = "False";  
}

if ($pass == $rpass) {
 $logs = "True"; 
} else {
 $logs = "False";  
}


 if ($logn == "False" && $logs == "False") {
 echo '<script type="text/javascript">alert("The Username and The Password are both wrong ! Please check your information and try again.");history.go(-1);</script>';
 } elseif ($logn == "True" && $logs == "False") {
 echo '<script type="text/javascript">alert("The Username is True but something is wrong with the password you entered. Please check your information and try again.");history.go(-1);</script>';
 } elseif ($logn == "False" && $logs == "True") {
 echo '<script type="text/javascript">alert("The Password is True but something is wrong with the password you entered. Please check your information and try again.");history.go(-1);</script>';
 } else {
 $_SESSION['valid'] = "1";
 echo '<script type="text/javascript">window.location = "http://www.ctuchicago.com/registration"</script>';
 }

my index.php (this page I want to be login required.

    if ($_SESSION['valid']) {
 echo '<script type="text/javascript">window.location = "http://www.ctuchicago.com/registration/login.php"</script>';
} else { Code }

Thank You

Extelliqent
  • 1,760
  • 5
  • 32
  • 51
  • http://stackoverflow.com/questions/520237/how-do-i-expire-a-php-session-after-30-minutes – profitphp Jan 04 '11 at 21:34
  • 1
    1. it's impossible. 2. you don't need it. 3. Timeout itself means nothing. 4. Default session timeout is 24 minutes. I doubt these 4 minutes are worth that mess. – Your Common Sense Jan 04 '11 at 21:35
  • 1
    Col. Shrapnel, I spent my 3 hours for this so far and trying to solve this problem because I am learning PHP. Thank you for Who ever trying to help me and if you have doubt your 4 mins worth to answer my question feel free to dont answer okey – Extelliqent Jan 04 '11 at 21:46
  • To let you know, my poor boy, *learning* is not something like "I need some useless bullshit, gimme the code". Understanding is often required. And, it's pity to say, but sometimes we lose 40 or 400 hours completely in vain. One need a courage to admit that he was going wrong way and learn from his mistakes. – Your Common Sense Jan 04 '11 at 22:05
  • Did I said I need some useless Bullshit ? I am trying to understand how can I do this. – Extelliqent Jan 04 '11 at 22:16

3 Answers3

1

According to http://prajapatinilesh.wordpress.com/2009/01/14/manually-set-php-session-timeout-php-session/

ini_set(’session.gc_maxlifetime’, 20*60);

Rachel McMahan
  • 392
  • 1
  • 8
  • As I learned today, this doesn't work. See http://stackoverflow.com/questions/520237/how-do-i-expire-a-php-session-after-30-minutes/1270960#1270960 – Matt Asbury Jan 04 '11 at 21:46
  • I even dont know where should I put this ini_set thing. because it doesnt seem like php code. – Extelliqent Jan 04 '11 at 21:47
  • You shouldn't use it. See my answer for the solution and kudos should go to original poster @Gumbo not me :) – Matt Asbury Jan 04 '11 at 21:48
0

Have you considered using a [client side] cookie that expires in 20 minutes ? then whenever the page is (re)loaded, check for the cookie, invalidate the session if the cookie is invalid/expired.

sjobe
  • 2,817
  • 3
  • 24
  • 32
0

See How do I expire a session after 30 minutes

EDIT

Basically what you are doing is creating your own session timeout function. When you hit the page you look for a variable you set in $_SESSION lets call it $_SESSION['started']. If you don't find that variable then you create it and give the value of the current timestamp. What you do then is every time you load a new page, you compare the $_SESSION['started'] variable with the time now and if it exceeds 20 minutes then you expire log the user out or do whatever you need to do.

Community
  • 1
  • 1
Matt Asbury
  • 5,644
  • 2
  • 21
  • 29
  • guys I couldnt understand that. I wanna make a login page and whenever user logins into the system I wanna open a session and set a time for it to finish. thats what I want is it something so hard ? – Extelliqent Jan 04 '11 at 21:50
  • @Extelliqent it's just not session timeout's job. That's all. Sooner you start to think, sooner you begin to understand – Your Common Sense Jan 04 '11 at 22:07
  • 1
    I know that. I made check.php for that. but I think you`re not trying to help. I think you`re trying to have some fun by other people. I dont know okey ? I am trying to figure it out how can I do this. – Extelliqent Jan 04 '11 at 22:18
  • wow okey .. I got the idea .. butt http://cookbooks.adobe.com/post_Set_a_time_limit_on_a_login_session__PHP_-16701.html This is such a good example but It didnt work Idk why ? very simple and easy to understand. $_SESSION['last_activity'] we check SESSION`s last activity with this code right ? – Extelliqent Jan 04 '11 at 22:37
  • That code needs to be called at the top of every single page that a user is visiting. Do you have that? – Matt Asbury Jan 04 '11 at 22:46
  • I am working on only 1 page right now if I can do it I`ll put it. and I wanna know if everybody does this or only me ? – Extelliqent Jan 05 '11 at 17:14
  • To have one page for the login? That's fine. A lot of people work that way. – Matt Asbury Jan 05 '11 at 20:09