发表新帖
发表新帖

Automatically re-direct a user when session Times out or goes idle

前端 未结
关注
3 1619
无人及你
无人及你 2020-12-08 17:43

I want to have a timer going to run every 3 minutes on the page (javascript), to detect if a php session ($_SESSION) has timed out... and if so, redirect them automatically.

相关标签:
3条回答
  • 轻奢々
    2020-12-08 18:26

    New and improved solution

    As mr kennedy pointed out my original solution (below) doesn't work. so here is a way to do it.

    In the user database keep a last-activity timestamp that updates every time a user loads a page.

    Then in a checkaccess.php

    if ( time-last_access > max_inactivity_time ) {
     return array('access' => '0');
}
else {
     return array('access' => '0');
}

    Call checkaccess.php in the javascript timer(below) and logout accordingly

    This also allows for a "currently logged in users" function

    thanks mr kennedy

    Original, non-working solution

    Create a php page that returns 1 or 0 based on the validity of the current users session

    Then in your pages that you want to timeout add this to the head (you need jquery)

    setInterval(function(){
   var url = UrL_OF_SESSION_CHECKING_PAGE;
      $.getJSON( url,
         function( data ) {
            if (data.access=='0') {
               window.location = LOGIN_PAGE;
            }
         }
      );
}, 180000);

    Every 180 seconds (3 minutes) it requests the php page and gets the validity of the session. If its invalid it redirects to a login page

    If the user has multiple pages open the pages will timeout and redirect at different times because their timers are different.

    Here's a good page on javscript timers http://ejohn.org/blog/how-javascript-timers-work/

    Simple session checking page

    session_start();
die(
    json_encode(
        isset( $_SESSION['VARIABLE'] ) ? array( 'access' => '1') : array( 'access' => '0' )
    )
);

    change VARIABLE to one of your session variables

    0 讨论(0)
  • 面向向阳花
    2020-12-08 18:36

    If you want this to happen before the page is even refreshed, you'll want periodic ajax calls. You can use jQuery Heartbeat to make calls every 3 minutes, and use one of the PHP methods already provided by other users to check the session

    0 讨论(0)
  • 眼角桃花
    2020-12-08 18:38

    You could use a simple meta refresh:

    <meta http-equiv="refresh" content="180;url=http://example.com/logout" />

    Or you implement a timeout with PHP:

    session_start();
if (isset($_SESSION['LAST_REQUEST_TIME'])) {
    if (time() - $_SESSION['LAST_REQUEST_TIME'] > 180) {
        // session timed out, last request is longer than 3 minutes ago
        $_SESSION = array();
        session_destroy();
    }
}
$_SESSION['LAST_REQUEST_TIME'] = time();

    Then you don’t need to check every 3 minutes if the session is still valid.

    0 讨论(0)
 看不清?
提交回复
热议问题