0

this is the function i want to execute with a 30 minute interval between each execution:

$realm = 'Restricted area';
$users = array('admin' => 'admin', 'guest' => 'guest');
$username = validate_digest($realm,$users);

function send_digest($realm) {
    header('HTTP/1.1 401 Unauthorized');
    header('WWW-Authenticate: Digest realm="'.$realm.'",qop="auth",nonce="'.md5(uniqid()).'",opaque="'.md5($realm).'"');
    die('You need to enter a valid username and password');}

function validate_digest($realm, $users) {
       // Fail if no digest has been provided by the client
         unset($_SERVER['PHP_AUTH_DIGEST']);
         unset($digest);
         unset($digest_info);
         unset($request_digest);
       if (!isset($_SERVER['PHP_AUTH_DIGEST'])) {send_digest($realm);}
       // Fail if digest can't be parsed
       $username = parse_digest($_SERVER['PHP_AUTH_DIGEST'], $realm, $users);
       if ($username === false) {send_digest($realm);}
       // Valid username was specified in the digest
       return $username;

    }

I was planning on either using ajax or javascript but i don't really know how to work with either of those programming languages.

nao sei
  • 1
  • 2
  • Also: https://stackoverflow.com/questions/15757750/how-can-i-call-php-functions-by-javascript – Anurag Srivastava Apr 22 '22 at 16:25
  • Every 30 minutes your js code will need to send a http request to a server endpoint that executes this validate_digest function. – James Apr 22 '22 at 16:25
  • Now, do you want to: **1.** execute that script on 30 minute intervals, or actually, **2.** reject authentications that are inactive since more than 30 minutes? – Markus AO Apr 22 '22 at 18:41
  • i want to timeout the user after 30 minutes and make the user input the username and password again, not specifically because of inactivity but if you could tell me how to do that as well i would appreciate it. – nao sei Apr 22 '22 at 23:14
  • In that case, simply set a session variable with the start time on login, and reject the credentials if `$_SESSION['start'] > time() - 30 * 60)` whenever a page load happens. It doesn't matter if it's 31 or 58 minutes later does it --- unless you really want to blank the user's page at 30 minutes sharp, in which case it's quite a bit more complicated. – Markus AO Apr 23 '22 at 17:51

0 Answers0