Hi friends, I have the requirement that when a user login in the site and he/she inactive in the site more than 5 minutes then user will logout from the site.
For this i followed below code and i succeed,
In the login.php file :
<?php
session_start();
include("dbconfig.php");
if(isset($_POST))
{
$current_time =time();
$current_date=date("d-m-Y");
extract($_POST);
$query ="select * from users where user_email='".$textfield."' and user_pword='".$textfield2."' and user_status='1' ";
$rs_user= mysql_query($query);
$no_rows = mysql_num_rows($rs_user);
if($no_rows > 0){
while($resGetAdmin = mysql_fetch_assoc($rs_user)){
$selQuery="select * from login where user_id=".$resGetAdmin['user_id'] ." AND loginDate ='$current_date'";
$rgetData= mysql_query($selQuery);
$num_login = getSqlNumber($selQuery);
if($num_login==0) {
$insQuery= "insert into login (user_id,loginTime,loginDate,count) values (".$resGetAdmin['user_id'].",'$current_time','$current_date',1)";
$login_user= mysql_query($insQuery);
$insert_id=mysql_insert_id();
$_SESSION['loginTime']=$current_time;
}else{
$count = mysql_result($rgetData,0,’count’);
$count = $count+1;
$updateQuery= "update login set loginTime='$current_time' ,loginDate='$current_date' , count ='$count' where user_id=".$resGetAdmin['user_id'] ." AND loginDate='$current_date'";
$login_user= mysql_query($updateQuery) or mysql_error();
$_SESSION['loginTime']=$current_time;
}
$_SESSION['user_id']=$resGetAdmin['user_id'];
header("Location: secure.html");
exit;
}
}
else
{
header('Location:'.$currentUrl);
exit;
}
}
?>
session_start();
include("dbconfig.php");
if(isset($_POST))
{
$current_time =time();
$current_date=date("d-m-Y");
extract($_POST);
$query ="select * from users where user_email='".$textfield."' and user_pword='".$textfield2."' and user_status='1' ";
$rs_user= mysql_query($query);
$no_rows = mysql_num_rows($rs_user);
if($no_rows > 0){
while($resGetAdmin = mysql_fetch_assoc($rs_user)){
$selQuery="select * from login where user_id=".$resGetAdmin['user_id'] ." AND loginDate ='$current_date'";
$rgetData= mysql_query($selQuery);
$num_login = getSqlNumber($selQuery);
if($num_login==0) {
$insQuery= "insert into login (user_id,loginTime,loginDate,count) values (".$resGetAdmin['user_id'].",'$current_time','$current_date',1)";
$login_user= mysql_query($insQuery);
$insert_id=mysql_insert_id();
$_SESSION['loginTime']=$current_time;
}else{
$count = mysql_result($rgetData,0,’count’);
$count = $count+1;
$updateQuery= "update login set loginTime='$current_time' ,loginDate='$current_date' , count ='$count' where user_id=".$resGetAdmin['user_id'] ." AND loginDate='$current_date'";
$login_user= mysql_query($updateQuery) or mysql_error();
$_SESSION['loginTime']=$current_time;
}
$_SESSION['user_id']=$resGetAdmin['user_id'];
header("Location: secure.html");
exit;
}
}
else
{
header('Location:'.$currentUrl);
exit;
}
}
?>
Include the file
In the Remaining pages which are in the secure pages of site append the below code:
<?php include("timeout.php"); //added; contains timeout info ?>
The timeout.php code is below:
<?php
session_start();
$timeout_length = 300;
$current_time =time();
$current_date=date('d-m-Y');
if ($current_time – $_SESSION['loginTime'] > $timeout_length) {
session_unregister(user_id);
header("Location:redirect.html");
exit;
}
else
{
$_SESSION['loginTime'] = $current_time;
$updateQuery= "update login set loginTime='".$_SESSION['loginTime']."', loginDate='$current_date' where user_id=".$_SESSION['user_id']." AND loginDate='$current_date'";
$login_user= mysql_query($updateQuery) or mysql_error();
}
?>
session_start();
$timeout_length = 300;
$current_time =time();
$current_date=date('d-m-Y');
if ($current_time – $_SESSION['loginTime'] > $timeout_length) {
session_unregister(user_id);
header("Location:redirect.html");
exit;
}
else
{
$_SESSION['loginTime'] = $current_time;
$updateQuery= "update login set loginTime='".$_SESSION['loginTime']."', loginDate='$current_date' where user_id=".$_SESSION['user_id']." AND loginDate='$current_date'";
$login_user= mysql_query($updateQuery) or mysql_error();
}
?>
The Database table for login table:
CREATE TABLE IF NOT EXISTS `login` (
`login_id` int(11) NOT NULL auto_increment,
`user_id` int(11) NOT NULL,
`loginTime` varchar(255) NOT NULL,
`loginDate` varchar(255) NOT NULL,
`count` int(11) NOT NULL,
PRIMARY KEY (`login_id`)
)
`login_id` int(11) NOT NULL auto_increment,
`user_id` int(11) NOT NULL,
`loginTime` varchar(255) NOT NULL,
`loginDate` varchar(255) NOT NULL,
`count` int(11) NOT NULL,
PRIMARY KEY (`login_id`)
)
It will be useful . . .
Thank you,
Anil Kumar Panigrahi
3 Comments
xRommelx
February 19, 2010 at 5:36 amvery useful
Sanjib Jena
September 17, 2010 at 1:15 pmGood script, But is it possible to do the same without using Database
Thanks
Ronald M.
February 20, 2012 at 5:53 amim a newbie in PHP.
is it possible to do the same without using Database
which i can only add – – on each secured page
thanks,