0

I am trying to force log out an inactive user from my CMS. The timeout value is stored in a value called PREF_TIMEOUT in my database. Ive borrowed this code and modified it a little. The code does not seem to be doing anything. Does anyone know of a better method of doing this or can spot what is breaking it?

<?php
function init() {
parent:: init();
self::logoutInactiveUser();
}

$timeout = mysql_query("SELECT PREF_TIMEOUT FROM preferences WHERE PREF_ID = '1'");
$result = mysql_fetch_array($timeout);

function logoutInactiveUser() {
        $inactivityLimit = $timeout * 60; // Converted to seconds
        $sessionStart = Session::get('session_start_time');
        if (isset($sessionStart)){
            $elapsed_time = time() - Session::get('session_start_time');
            if ($elapsed_time >= $inactivityLimit) {
                $member = Member::currentUser();
                if($member) $member->logOut();
                Session::clear_all();
                Director::redirect(Director::baseURL() . 'Security/login');
            }
        }
        Session::set('session_start_time', time());
    }
?>
2
Contributors
1
Reply
22
Views
2 Years
Discussion Span
Last Post by jkon
0

There is really no reason to write functional PHP in OOP style. Everything here is static , so could be functions as well (static in OOP means other things than Session:: Form:: or Input:: or things like that).

You want to log out a user (I believe in its current session) when he is inactive. First you must define what you mean “inactive” . For example do you mean that she/he didn't interact for a certain time of period? There are many ways to do it , some simpler some harder. The simplest is to have a variable in JavaScript (e.g. lastActionTimeStamp) and with an interval (e.g. each second) check if currentTimeStamp minus lastActionTimeStamp is greater than the time you want to have the user logged out (e.g. 30 minutes).

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.