I am a web developer who has just had PHP thrust upon me. I have created a login-protected site and have put a timeout script on each page which redirects the user back to the login page if they have left the site idle for a certain period of time. In Opera and Safari it works great but in Firefox the login page still has the login credentials in the text fields, so anyone could just press "login" and log right back into the site, which sort of defeats the purpose. Exhaustive Google searches have turned up nothing.

Any advice is much appreciated!

The timeout code I'm using is:
$inactive = 200;
if(isset($_SESSION) ) {
$session_life = time() - $_SESSION;
if($session_life > $inactive){
header("location: http://www.fakedomain.com/index.php");
$_SESSION = time();

4 Years
Discussion Span
Last Post by cpchc

try the autocomplete="off" attribute in the input tag, e.g.

<input type="textbox" name="username" id="username" autocomplete="off" />
This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.