在 php 中处于非活动状态 15 分钟后自动注销
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/20516969/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Automatic Logout after 15 minutes of inactive in php
提问by Prashant Bhatt
I want to destroy session if users are not doing any kind of activity on website. At that time after 5 users automatically redirect on index page. How is it possible? Is possible in php with session handling and for that I have to maintain or update user login time or not..
如果用户没有在网站上进行任何类型的活动,我想销毁会话。当时5个用户在索引页面上自动重定向。这怎么可能?可以在 php 中进行会话处理,为此我必须维护或更新用户登录时间。
回答by Realit?tsverlust
Pretty easy:
挺容易:
if(time() - $_SESSION['timestamp'] > 900) { //subtract new timestamp from the old one
echo"<script>alert('15 Minutes over!');</script>";
unset($_SESSION['username'], $_SESSION['password'], $_SESSION['timestamp']);
$_SESSION['logged_in'] = false;
header("Location: " . index.php); //redirect to index.php
exit;
} else {
$_SESSION['timestamp'] = time(); //set new timestamp
}
回答by Nahabwe Edwin
I got this solution from Sitepoint.com Using a simple meta tag in your html
我从 Sitepoint.com 得到了这个解决方案 在你的 html 中使用一个简单的元标记
<meta http-equiv="refresh" content="900;url=logout.php" />
The 900 is the time in seconds that you want the session to be terminated if inactive.
900 是您希望会话在不活动时终止的时间(以秒为单位)。
Hope it works for you
希望这对你有用
回答by Chris Ngure
This code was included in the connection.php to ensure that the code is included in any page but you can implement on any page you want
此代码包含在 connection.php 中以确保该代码包含在任何页面中,但您可以在任何您想要的页面上实施
if (isset($_SESSION['user-session']) OR isset($_SESSION['admin-session']) ) {
//then we are checking the activity sesssion $_SESSION['']
if (isset($_SESSION['last_active'])) {
//if the time is set then we check the difference
$max_time=5*60; #number of seconds
$now=microtime(date("H:i:s"));
//Checking the last active and now difference in seconds
$diff=round(microtime(date("H:i:s"))- $_SESSION['last_active']); #the difference of time
if ($diff>=$max_time) { #if the difference is greater than the allowed time!
//echo "logging out couse the time is".$diff;
header("location:logout.php");
}else {
$time=microtime(date("H:i:s"));
$_SESSION['last_active']=$time; #Updating the time
//echo 'More time added the time was!'.$diff;
}
}else{
//if there is no last active then we create it over here
$time=microtime(date("H:i:s"));
$_SESSION['last_active']=$time;
}}
回答by naman
Simple solution using .htaccess
使用 .htaccess 的简单解决方案
Add the below lines to your .htaccess file where 3600 is the number of seconds. Sessions will automatically be destroyed after certain time has nothing to do with the activity or inactivity.
将以下几行添加到您的 .htaccess 文件中,其中 3600 是秒数。Sessions 会在一定时间后自动销毁,与活动或不活动无关。
According to the below code session will be destroyed after 1 hour.
根据以下代码会话将在 1 小时后销毁。
php_value session.gc_maxlifetime 3600
php_value session.gc_probability 1
php_value session.gc_divisor 1
回答by naman
My Solution Is (i give you solution but this simple and syntax not been tried)
我的解决方案是(我给你解决方案,但没有尝试过这个简单的语法)
checkerOrCreatorTime.php
checkerOrCreatorTime.php
<?php
//if using the session, this additional advice me
ini_set('session.cookie_httponly', 1);
ini_set('session.use_only_cookies', 1);
session_start();
//create session (JUST FOR ONE TIME)
if (!isset($_SESSION['THE SESSION KEY FOR LOGIN (EX. USERNAME)'])){
//create anyting session you need
$_SESSION['user']['THE SESSION KEY FOR LOGIN (EX. USERNAME)'] = 'USER';
$_SESSION['user']['TIME'] = '900';
}else
if (time() -$_SESSION['TIME'] > 900){
unset($_SESSION['user']);
// and whatever your decision
}
?>
Faq:
常问问题:
1. Why use ['user'] is session login?
if you using many session for user, you just unset one var, like this.
2. why use a ini_set.... in this syntax?
for more security
if you like using modern web, just using javascript for ajax
如果您喜欢使用现代网络,只需将 javascript 用于 ajax
回答by kimo
session_start();
$t=time();
if (isset($_SESSION['logged']) && ($t - $_SESSION['logged'] > 900)) {
session_destroy();
session_unset();
header('location: index.php');
}else {$_SESSION['logged'] = time();}
回答by ujjal
<form action="index.php" method="post" name="frm"><input name="uname" type="text" placeholder="User Name" />
<input name="pass" type="password" placeholder="Password" />
<input name="submit" type="submit" value="submit" /></form>
In index.php
<?php if(isset($_SESSION['loggedAt'])) { header('dashboard.php'); }
if(isset($_POST['submit'])) { $name=$_POST['uname']; $pass=$_POST['pass'];
if($name=="admin" &amp;amp;&amp;amp; $pass=="1234") {
session_Start(); $_SESSION['username']=$name; $_SESSION['loggedAt']=time(); header('location:dashboard.php?msg=Welcome to dashboard'); } } ?>
in dashboard.php
if(time() - $_SESSION['loggedAt'] > 240) {
echo"<script>alert('Your are logged out');</script>";
unset($_SESSION['username'], $_SESSION['loggedAt']);
header("Location: " . index.php);
exit;
} else {
$_SESSION['loggedAt'] = time();
}
