Posted by trlists on 03/16/05 16:50

For the basic logout, it's very easy.

Store a session variable which is the "last active time". Initialize
it to the current time when the user logs in.

Each time a page loads, start the session and check current time
against the last active time. If the difference is over the limit,
display a message and/or go back to the login screen. If it is not,
reset the last active time to the current time.

This way you have a timer which is reset on every page load. If no
page is loaded for some given amount of time, the timer "expires" and
you force a new login.

To update the logged in status in the database after a time-based
logout, you need a way to know when the user has *not* done something,
and that by definition is not going to come from the user themselves.
So you have to use a cron job which resets the database flag, there's
no way around it. You could store the "last active time" described
above in the database in addition to or instead of in the session data
to facilitate this.

--
Tom

• Prev in thread: Re: [PHP] Auto logout
• Next in forum: XPath Query Exressions and Quote Characters
• Prev in forum: Multiple Categories
• Thread view: Auto logout

[Reply to this message]