Tweet
Hey, I have a login form on my site. I've noticed that it stays logged in indefinitely. Is there a way I can get it to timeout after a certain length of inactivity? Thanks (www.glutenfreemealplanner.com)
-
Re: Login Timeout
If you are using the BlueVoda Login Script, in the instructions where you create the Object on the protected page, these are the methods you will use if using BlueVoda version 12 and later:Originally posted by glutenf1 View Post
Insert the "Protect Page" object in the pages that you need to protect.
Right click it and select "Convert to Form". The object will be converted to a HTML box. Double click it and you will see its code that will be looking like this:
<?php
session_start();
if (!isset($_SESSION['username']))
{
header('Location: error.php');
exit;
}
?>
Insert the following code just AFTER the line session_start();
if(!isset($_SESSION['logintime'])){
$_SESSION['logintime'] = time();
}else {
if(time() > $_SESSION['logintime'] + 15 * 60){
unset($_SESSION['username']);
}else{
$_SESSION['logintime'] = time();
}
}
15 is the session expiry in minutes. You can change it to whatever you need.
Please note that as is, the code, will renew the session expiry for 15 minutes after each page load. So if the user keeps on moving on the site, his session is renewed. Otherwise it expires after 15 minutes.
THE ABOVE IS ONLY AVAILABLE USING BV12
If you have BV 11 this is not available.
If you want to continue working with BV 11, then:
Add a small HTML box in your page. Paste the entire code, that is
<?php
session_start();
if(!isset($_SESSION['logintime'])){
$_SESSION['logintime'] = time();
}else {
if(time() > $_SESSION['logintime'] + 15 * 60){
unset($_SESSION['username']);
}else{
$_SESSION['logintime'] = time();
}
}
if (!isset($_SESSION['username']))
{
header('Location: error.php');
exit;
}
?>
Remove the standard Protect Page object.
The "time()" should remain as is (this is not where you insert a time parameter).
Using a HTML box, you will have to manually type the "Access denied Page" (which I supposed to be the "error.php" page but you can have any page you like.)
If you want to restrict access to specific users, you should further modify the code. -
Re: Login Timeout
Thanks for the code. I applied it and it seems to work for timing out, but I'm having a little bit of trouble logging back in. If I try to log back in after it has timed out, I cannot get in with the same password and username. Any suggestions on how to fix this? Here is the actual code that I am using ...
<?php
session_start();
if(!isset($_SESSION['logintime'])){
$_SESSION['logintime'] = time();
}else {
if(time() > $_SESSION['logintime'] + 15 * 60){
unset($_SESSION['username']);
}else{
$_SESSION['logintime'] = time();
}
}
if (!isset($_SESSION['username']))
{
header('Location: ./mealplans.php');
exit;
}
?>Comment
-
Re: Login Timeout
Sorry - not a Coder!
It took me a good hour just to find this proper Code buried in the Forums to present to you as your 'Solution' .....Comment
Comment