Auto Logout when user leaves the application without doing logout action
Sometimes , an user leave an application without clicking on logout button, or do shutting down or hibernating of its Machine, pr even close all sessions (pages) which related t
-
You could set a cron job on the server to check for stale sessions But this is not a great solution since you have to deploy another solution (cron job) with your project. The way I would do it is have a check_credentials.php file included in your project that runs right after your DB connection, you will then add two fields in your users table for your projects users called: session_id AND last_checkin. The process will work like so:
Login:
- A session is created and a session_id can be retrieved from PHP on first hit (not logged in yet)
- If the user authenticates save the session_id to DB with current timestamp as last_checkin
Then you can have all the users do stale session checks at every page request:
Page Query:
- Delete session_id's from all users where last_checkin is older than 10min.
- Check if my current session_id = db.session_id
- If session don't match log out and send user to login.php
- if session_id's match then update last_checkin
讨论(0) -
You can do something like ,
Set a
sessiononce user has logged in to your Site.$_SESSION['last_activity_recorded'] = time();this will keep track the activity from user
On every page update this
sessionto updated time(ie current time)Check for inactivity from user (here 30 minutes) and take necessary steps in unsetting the login credentials(before updating the
sessionon top of every page)if($_SESSION['last_activity_recorded'] < time()+30*60){ session_unset(); session_destroy(); }
讨论(0) -
Try this:
if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 600)) { session_unset(); session_destroy(); } $_SESSION['LAST_ACTIVITY'] = time();If
$_SESSION['LAST_ACTIVITY'] > 600no activity in last 600 seconds (10minutes) then destroy session.讨论(0)
加载中...
- 热议问题