Force inactive user to logout
Question
I want to logout the inactive user after 5 minutes.
I'm using this code to track the user activities
if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 7)) {
// last request was more than 30 minutes ago
session_unset(); // unset $_SESSION variable for the run-time
session_destroy(); // destroy session data in storage
header('Location: ../index.php');
exit;
}
$_SESSION['LAST_ACTIVITY'] = time(); // update last activity time stamp
but the problem when the time is out it won't destroy the session and redirect him unless the user open or refresh the page
I want to log him out automatically
how can I achieve that ?
1 answers
solution1
1 ACCPTED 2016-12-16 00:47:54
Since there is no interaction with the server unless the user reloads the page, anything you do here needs to be in Javascript. If it were me I would do an AJAX call to the server periodically to see if the session has expired and then redirect them, once it sees a timeout, to another page. Note that you will have to add header information to stop the page being cached so that the user can't hit the back button (if you really want to stop them viewing the old data).
For IE you need to set quite a lot to stop the caching,.. here is the set of stuff I tend to send as headers in PHP
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
header('Last-Modified: ' .gmdate("D, d M Y H:i:s") .' GMT');
header('Cache-Control: no-cache, must-revalidate');
header('Pragma: no-cache');
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.