Show alert message automatically after session timeout without manually refresh the page

Question

I have a question on how to automatically show alert message. I have set the time limit to 10s but I need to manually refresh the page then alert message will pop up. Alert message that will be display will tell the user the session is over and reload the page. Here is my code

<?php
        //start session
        session_start();

        //database connection
        $conn = mysqli_connect("localhost","root","","test"); 

        //default timezone
        date_default_timezone_set('Asia/Kuala_Lumpur');

        //if user click login button
        if(!empty($_POST["login"])) 
        {
            //query table to verify inserted value
            $result = mysqli_query($conn,"SELECT * FROM users WHERE username = '" . $_POST["user_name"] . "' and password = '". $_POST["password"]."'");

            //fetch result result row as an associative, a numeric array, or both
            $row  = mysqli_fetch_array($result);

            //if it is true
            if($row) 
            {
                //declare a session for selected value using id and time logged in
                $_SESSION["user_id"] = $row['id']; 
                $_SESSION['timestamp'] = time();            
            } 
            else 
            {
                //redirect to homepage
                echo '<script type="text/javascript">alert("Invalid Username or Password!");window.location = "userlogin_session.php";</script>';
            }
        }

        //check for session timeout
        if(isset($_SESSION['timestamp']))
        {
            //set time limit in seconds
            $expireAfterSeconds = 10;

            //calculate many seconds have passed since the user was last active 
            $secondsInactive = time() - $_SESSION['timestamp'];

            //convert seconds into minutes
            $expireAfter = $expireAfterSeconds / 60 ;

            //check to see if time is equals or above given time limit
            if($secondsInactive >= $expireAfter)
            {
                //kill session.
                session_unset();
                session_destroy();

                //redirect to homepage
                echo '<script type="text/javascript">alert("Session Over");window.location = "userlogin_session.php";</script>';
            }
        }

        //if user click logout button
        if(!empty($_POST["logout"])) 
        {
            //kill session.
            session_unset();        
            session_destroy();
        }
    ?>

1) destroy session in php after a certain time period https://stackoverflow.com/questions/17179249/session-destroy-after-certain-amount-of-time-in-php 2) show alert in JS after a certain time period. https://www.w3schools.com/jsref/met_win_settimeout.asp — Istiaque Ahmed, Sep 14 '17 at 09:29

score 1 · Answer 1 · answered Sep 14 '17 at 09:35

1

You'll need to do it in Javascript, not PHP. You can however send the PHP var to the javascript, or just hard code it (seconds * 1000) and then get it to alert or modal window:

setTimeout(function(){
   alert ('Session timeout message or code here');
}, <?= $timeout; ?>);

answered Sep 14 '17 at 09:35

delboy1978uk

12,118
2
21
39

if I do that, the alert message will not pop up automatically. I have tried that. but I use echo the script you wrote. only if after 10 seconds will display alert. that is what I want. can you gave a full example? – Richmond Sep 15 '17 at 03:31
@RichmondGingingon, why won't the alert come automatically ? ` setTimeout(function(){ alert ('Session timeout message or code here'); }, 3000);` After 3 seconds, you will get an alert. – Istiaque Ahmed Sep 15 '17 at 10:17

score 0 · Answer 2 · answered Sep 18 '17 at 03:05

This is my full code.

<?php
        //start session
        session_start();

        //database connection
        $conn = mysqli_connect("localhost","root","","test"); 

        //default timezone
        date_default_timezone_set('Asia/Kuala_Lumpur');

        //if user click login button
        if(!empty($_POST["login"])) 
        {
            //query table to verify inserted value
            $result = mysqli_query($conn,"SELECT * FROM users WHERE username = '" . $_POST["user_name"] . "' and password = '". $_POST["password"]."'");

            //fetch result result row as an associative, a numeric array, or both
            $row  = mysqli_fetch_array($result);

            //if it is true
            if($row) 
            {
                //declare a session for selected value using id and time logged in
                $_SESSION["user_id"] = $row['id']; 
                $_SESSION['timestamp'] = time();            
            } 
            else 
            {
                //redirect to homepage
                echo '<script type="text/javascript">alert("Invalid Username or Password!");window.location = "userlogin_session.php";</script>';
            }
        }

        //check for session timeout
        if(isset($_SESSION['timestamp']))
        {
            //set time limit
            $expireAfterSeconds= 10;

            //calculate many seconds have passed since the user was last active 
            $secondsInactive = time() - $_SESSION['timestamp'];
            echo $secondsInactive;

            //check to see if time is equals or above given time limit
            if($secondsInactive >= $expireAfterSeconds)
            {
                //kill session.
                session_unset();
                session_destroy();

                //redirect to homepage
                //echo '<script type="text/javascript">alert("Session Over");window.location = "userlogin_session.php";</script>';
            ?>
                <script>
                    alert("Session Over");
                    window.location = "userlogin_session.php";
                </script>';
            <?php
            }
        }

        //if user click logout button
        if(!empty($_POST["logout"])) 
        {
            //kill session.
            session_unset();        
            session_destroy();
        }
    ?>
    <html>
        <head>
            <title>User Login</title>
        </head>
        <body>
            <?php 
                //if session not exist
                if(empty($_SESSION["user_id"])) 
                { 
                ?>
                    <form action="" method="post" id="frmLogin">
                        <div><?php if(isset($message)) { echo $message; } ?></div>  
                        <div>
                            <div><label for="login">Username</label></div>
                            <div><input name="user_name" type="text"></div>
                        </div>
                        <div>
                            <div><label for="password">Password</label></div>
                            <div><input name="password" type="password"> </div>
                        </div>
                        <div>
                            <div><input type="submit" name="login" value="Login"></span></div>
                        </div>       
                    </form>
                <?php 
                }

                //if session exist
                else 
                { 
                    $result = mysqli_query($conn,"SELECT * FROM users WHERE id = '" . $_SESSION["user_id"] . "'");
                    $row  = mysqli_fetch_array($result);
                ?>  
                    <form action="" method="post" id="frmLogout">
                        <div>
                            Welcome <?php echo ucwords($row['username']); ?>, You have successfully logged in!<br>Click to <input type="submit" name="logout" value="Logout">
                        </div>
                    </form>
                    </div>
                    </div>
                <?php 
                } 
            ?>
        </body>
    </html>

@IstiaqueAhmed hope you can fix it :) – Richmond Sep 18 '17 at 03:07 — Richmond, Sep 18 '17 at 03:07

Show alert message automatically after session timeout without manually refresh the page

2 Answers2