I am a web developer who has just had PHP thrust upon me. I have created a login-protected site and have put a timeout script on each page which redirects the user back to the login page if they have left the site idle for a certain period of time. In Opera and Safari it works great but in Firefox the login page still has the login credentials in the text fields, so anyone could just press "login" and log right back into the site, which sort of defeats the purpose. Exhaustive Google searches have turned up nothing.

Any advice is much appreciated!

The timeout code I'm using is:
$inactive = 200;
if(isset($_SESSION) ) {
$session_life = time() - $_SESSION;
if($session_life > $inactive){
header("location: http://www.fakedomain.com/index.php");
}
}
$_SESSION = time();

Recommended Answers

All 2 Replies

Member Avatar for diafol

try the autocomplete="off" attribute in the input tag, e.g.

<input type="textbox" name="username" id="username" autocomplete="off" />

That worked perfectly! Thanks so much!

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.