hi all...how are u? i have a question , i'm creatingn a php login system for a forum but i'm new in php and i'm not able to put session timing for the login ..i want when the user login to register the session and then after login in ..if the user is not active for 5 minutes i want him to be redirected to the login page again...i was reading a topic for php session ..but i did not get it ..please help ....that's my code:

<?php

    session_start();


   ?>
<html>

<head>
  <title></title>
</head>

<body>

<?php

$dbh=@mysql_connect('localhost','root','');
if(!$dbh){
exit('Unable to connect');
}

if(!@mysql_select_db('ijdb')){
exit('Unable to find ijdb');
}
$result=@mysql_query('select * from users');
if(!$result){
exit('no data found');
}
$t=0;
$u=$_REQUEST['un'];
$p=$_REQUEST['pass'];
$encpass=md5($p);
while($row=mysql_fetch_array($result)){
	if(($row['name']== $u) and ($row['pass']==$encpass)){
		$t=1;
	}
}


if($t==1){

$_SESSION['user']=$u;
$_SESSION['pass']=$p;



	header("Location: http://www.forum.com/welcome.php");




}
if($t==0){
	echo FAUX;
}


?>
</body>
</html>

yes ..this code works of course ...but i only want the session to be expired..but i don't know how to fix a time for the session ..please help me to do it with this code ..and thnx in advance

<?php
session_start();
if (isset ($_SESSION('loggedin')) {
setcookie(timelogout(), $_COOKIE[timelogout()], time()+600, '/');
}

Also add the following just before your header code.

$_SESSION('loggedin') = true;

This code basically registers a session when the user logs in. And then for each page they visit it checks if the session is set and if it is it sets a cookie that expires in 10mins. If the user goes to a different page obviously the cookie is reset and the time will be 10mins :)

The only downfall is if they have cookies turned of, in which case the cookie wont be set and therefore they will stay logged in nevertheless. However this is very unlikely.

Does this help?

thnx alot for your communication ...but this code does not work and i don't know why ..first of all there is a missing ")" and then the timelogout() function ...my editor said it's undefined ,i don't know why ..please if u can implement the session time out in my code in a way that works...and thnx very much in advance.

Wow I do appologise for my rubbish code.
The following will work:
Insert this at the top of everypage:

<?php
session_start();
if (isset ($_SESSION('loggedin')) {
setcookie("timelogout","TimeLogout", time()+600);
}

And insert this just after your header tag:

$_SESSION('loggedin') = true;

Does this help. Sorry about my mistake lol :D

Yes, I can see where the error would be but its not in the code its more as in the system its working in. The code should bring no errors.

To be honest, I think we were looking into it too deep. Give the above message a go, its alot easier than what I was about to suggest.

Sorry for my lack of dreamweaver lol. I'm hopless without an editor (the colours) :D

please help me by implementing the right code into my script ..and thnx

Hi
This is what your code should look like:

<?php

    session_start();


   ?>
<html>

<head>
<meta http-equiv="Refresh" content="300; url=http://www.site.com/logout_page.php" />
  <title></title>
</head>

<body>

<?php

$dbh=@mysql_connect('localhost','root','');
if(!$dbh){
exit('Unable to connect');
}

if(!@mysql_select_db('ijdb')){
exit('Unable to find ijdb');
}
$result=@mysql_query('select * from users');
if(!$result){
exit('no data found');
}
$t=0;
$u=$_REQUEST['un'];
$p=$_REQUEST['pass'];
$encpass=md5($p);
while($row=mysql_fetch_array($result)){
	if(($row['name']== $u) and ($row['pass']==$encpass)){
		$t=1;
	}
}


if($t==1){

$_SESSION['user']=$u;
$_SESSION['pass']=$p;



	header("Location: http://www.forum.com/welcome.php");




}
if($t==0){
	echo FAUX;
}


?>
</body>
</html>

Like explained, it will redirect your user to a logout page after the 10mins are up. This happens on everypage making the effect that is there is no activity in this amount of time the user isnt aloud access.

yes ...it worked xan ......thnx very much ......but is this a good way to make the user to relogin ......or there is another more nice way ? ...but BTW thnx alot ...

No, after thinking about it this is the simplest way of going around it.
The only problem would be if the user has meta redirects disabled.

Another way would be with cookies/sessions that I was trying to create earlier. I'l have my laptop back tomorow and get that script working anyway so keep an eye on this thread.

To continue, there are downsides to that aswell, they might have cookies turned off.

God, users have too much control over what they can and cant have on lol :D

Hoe this helps

This question has already been answered. Start a new discussion instead.