带有警告的 PHP/Javascript 会话超时
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/11538803/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
PHP/Javascript Session Timeout with warning
提问by kdjernigan
Does anyone know where I can read a tutorial on, or know how to create a Javascript-based session timeout that has a warning built in, and optionally these features:
有谁知道我可以在哪里阅读教程,或者知道如何创建一个基于 Javascript 的会话超时,它有一个内置的警告,以及可选的这些功能:
- user activity resets the timer
- interacts with database (last seen on, etc.)
- if inactive, it will log out users (by redirecting to a logout.php page)
- before it logs users out, it will display a popup message that asks if they want to continue
- 用户活动重置计时器
- 与数据库交互(上次看到的时间等)
- 如果不活动,它将注销用户(通过重定向到 logout.php 页面)
- 在它注销用户之前,它会显示一个弹出消息,询问他们是否要继续
Unfortunately, I don't know too much about Javascript.
不幸的是,我对 Javascript 不太了解。
回答by JSantos
I don't know how your website is done, but if done right, you should have a log in session and some sort of back end control system that denies any action if the previous action was made X minutes/hours ago and automatically expires the user. If you want to implement some client side code, you should have a javascript timer that alerts the user when expire time is about to be complete and you can also redirect the user to the homepage or log in page after the expire time is reached. This way all security features are on the back end and the javascript only works as a display measure for the display behavior.
我不知道你的网站是怎么做的,但如果做得对,你应该有一个登录会话和某种后端控制系统,如果前一个操作是在 X 分钟/小时前进行的,则拒绝任何操作并自动过期用户。如果你想实现一些客户端代码,你应该有一个 javascript 计时器,当过期时间即将完成时提醒用户,你也可以在过期时间到达后将用户重定向到主页或登录页面。这样,所有安全功能都在后端,javascript 仅用作显示行为的显示措施。
UPDATE:
更新:
setInterval(function(){alert("Hey, your session is ending")},360000);
setInterval(function(){
redirect();
},720000);
function redirect(){
document.location = "../logout.php"
}
UPDATE2:
更新2:
setInterval(function(){
logout();
},600000);
function logout(){
if(confirm('Logout?'))
redirect();
else
alert('OK! keeping you logged in')
}
function redirect(){
document.location = "../logout.php"
}
Every page with this code will ask after 10 minutes if the user wants to logout. This means your session cannot expire by itself, you must leave the control to the user
带有此代码的每个页面都会在 10 分钟后询问用户是否要注销。这意味着您的会话不会自行过期,您必须将控制权留给用户
回答by Jeff.k.Daniel
Session Logout after 5 minutes
5 分钟后会话注销
<script type="text/javascript">
var interval;
$(document).on('mousemove', function () {
clearInterval(interval);
var coutdown = 5 * 60, $timer = $('.timer'); // After 5 minutes session expired (mouse button click code)
$timer.text(coutdown);
interval = setInterval(function () {
$timer.text(--coutdown);
if (coutdown === 0) {
alert("Session expired. User successfully logged out.");
window.location = "UserLogin.php";
}
}, 1000);
}).mousemove();
var interval;
$(document).on('keydown', function () {
clearInterval(interval);
var coutdown =5 * 60, $timer = $('.timer'); // After 5 minutes session expired (keyboard button press code)
$timer.text(coutdown);
interval = setInterval(function () {
$timer.text(--coutdown);
if (coutdown === 0) {
alert("Session expired User successfully logout.");
window.location = "UserLogin.php";
}
}, 1000);
}).mousemove();
<script>
<html>
<div class="timer">
Time of session display on page
</div>
</html>
