0

I created a simple login based on PHP only. I wanted to combine them with a code that automatically logout the user after 10 minutes, but probably something I broke down.

<?php
        session_start();
        if(!isset($_SESSION['simple_login'])){
            header("Location: index.php");
            exit();
        }           

    $idletime=600;

    if (time()-$_SESSION['simple_login']>$idletime){
        session_destroy();
        session_unset();
    }else{
        $_SESSION['simple_login']=time();
    }

    //on session creation
    $_SESSION['simple_login']=time();
  ?>
TheMan
  • 87
  • 10
  • You can use the php.ini session variable [session.gc_maxlifetime](http://php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime) to auto destroy the session after a specific time. No need to code it yourself. – xander Mar 21 '18 at 09:21
  • What does not work yet? Are you probably looking for a solution that involves a AJAX call here and there and a redirection to the login page? – Nico Haase Mar 21 '18 at 09:22
  • $_SESSION['simple_login']=time(); at last line is it required and also in if(isset($_SESSION['simple_login']) && time()-$_SESSION['simple_login']>$idletime) although nothing is wrong in your code – Sivagopal Manpragada Mar 21 '18 at 09:25
  • You want to logout if the user idle for 10 minutes? or 10 minutes since login? – Wils Mar 21 '18 at 09:31
  • Logout if user iddle for 10 minutes. – TheMan Mar 21 '18 at 09:33
  • https://stackoverflow.com/questions/520237/how-do-i-expire-a-php-session-after-30-minutes – Twinfriends Mar 21 '18 at 09:39

0 Answers0