You must have seen websites ask for re-login if you have been idle for too long. For example, most online banking system will set an inactive time limit. This is due to security precaution, which prevent unauthorized personnel to access you accounts.
The implementations are different but the idea and technology behind this is quite similar. The following shows the procedure using PHP.
First, you would need to define a session variable to hold the last page access time, i.e. $_SESSION[‘LASTLOGIN’]. A session variable is accessible through out the different pages while the user stays on the site. A session is recorded on the server side.
The variable is used to keep the last page refreshed time so when you logout, you have to clear it.
1 2 3 4 | public function Logout() { $_SESSION['LASTLOGIN'] = ''; } |
public function Logout() { $_SESSION['LASTLOGIN'] = ''; }
When the user logins, you need to update the time.
1 | $_SESSION['LASTLOGIN'] = date('Y-m-d h:i:s'); |
$_SESSION['LASTLOGIN'] = date('Y-m-d h:i:s');
On other pages, when the page is reloaded, you would need to check if the page has expired (30 minutes inactive):
1 2 3 4 5 6 7 8 9 10 11 | if (isset($_SESSION['LASTLOGIN'])) { $last = strtotime($_SESSION['LASTLOGIN']); $curr = strtotime(date("Y-m-d h:i:s")); $mins = round(abs($last - $curr) / 60, 2); if ($mins >= 30) { // more than 30 minutes inactive $this->Logout(); return true; } } $_SESSION['LASTLOGIN'] = date("Y-m-d h:i:s"); // update the time return (false); |
if (isset($_SESSION['LASTLOGIN'])) { $last = strtotime($_SESSION['LASTLOGIN']); $curr = strtotime(date("Y-m-d h:i:s")); $mins = round(abs($last - $curr) / 60, 2); if ($mins >= 30) { // more than 30 minutes inactive $this->Logout(); return true; } } $_SESSION['LASTLOGIN'] = date("Y-m-d h:i:s"); // update the time return (false);
–EOF (The Ultimate Computing & Technology Blog) —
loading...
Last Post: Spot a dramatic increase of CPC by blocking low CPC URLs in Adsense
Next Post: How to Display Blog Statistics at the Page Footer?