I need to check if a the time between session_start and current time exceeded 10 minutes. I've tried this:
$session_duration_max = 10; // 10 min
$current_time = time();
if ((time() - $_SESSION['session_start']) > $session_duration_max ) {
// session expired
}
// elsewhere I set session
$_SESSION['session_start'] = time();
But I keep getting 0 when I subtract time() - $_SESSION['session_start'])
What am I missing?
time() is measured in seconds. To correctly set the timeout after 10 minutes, you must multiply the timeout duration by 60 seconds.
// Session does not exist
if(!$_SESSION) {
// First Session:
$_SESSION['session_start'] = time();
}
$session_duration_max = (10 * 60); // 10 min
// Check if current time is larger than timeout
if ((time() - $_SESSION['session_start']) > $session_duration_max ) {
// session expired
// delete session and require
}
Above is a better idea of a system that would make sure timeout is honored.
Related
I want to expire PHP session after 3 hours of user inactivity. Therefore I am using following code.
ini_set('session.gc_maxlifetime', '10800');
ini_set('session.cookie_lifetime', '10800');
But I can't see it is working as expected. It is expiring the session after 3 hours whether I am actively using the application. I want to achieve this from the application. Not from the php.ini file.
How can I use PHP session to expire and Sign Out the user from the application after 3 hours of user inactivity ?
Thanks in advance
You can do something like that in php:
<?php
session_start();
$duration = (DURATION * 60);
if(isset($_SESSION['started']))
{
$showform = 0;
$time = ($duration - (time() - $_SESSION['started']));
if($time <= 0)
{
unset($_SESSION['count']);
unset($_SESSION['offender']);
$showform == 1;
}
}
else
{
$_SESSION['started'] = time();
}
?>
Set the time duration and unset it after the duration expires. Replace Duration text with minutes count like 3 hours = 180 minutes so put 180 there.
I want to check if a hash I've stored in my database is expired, i.e older than 30 minutes.
This is my check
$db_timestamp = strtotime($hash->created_at);
$cur_timestamp = strtotime(date('Y-m-d H:i:s'));
if (($cur_timestamp - $db_timestamp) > ???) {
// hash has expired
}
Timestamps are numbers of seconds, so you want to see if the age of the hash (in seconds) is greater than the number of seconds in 30 minutes.
Figure out how many seconds there are in 30 minutes:
$thirtymins = 60 * 30;
then use that string:
if (($cur_timestamp - $db_timestamp) > $thirtymins) {
// hash has expired
}
You can also cleanup the code by doing the following:
$db_timestamp = strtotime($hash->created_at);
if ((time() - $db_timestamp) > (30 * 60)) {
// hash has expired
}
I have a php script where I need to make sure a pre-set "future" time has not passed.
When the time is originally logged (or passed and needs relogged), I am taking:
$newTime = time() + 15000; // 2.5 minutes from "now"
The system is tossing this in the DB no problem and the numbers appear to be correct.
Now, when the page is loaded, it pulls the number from the DB and loads it into the .php file:
error_reporting(E_ALL);
ini_set('display_errors',1);
$tname = $_SESSION['username']."Data";
$results = $conn->query("SELECT val FROM $tname where pri='pettyTimer'") or die(mysqli_error($conn));
//$conn declared elsewhere for connection and does work properly
$row = $results->fetch_assoc();
$timer = $row['val'];
I am then comparing the times:
$now = time();
if ($timer > time()) { //script below
} else {
//more script that seems to be working fine
}
When the original conditional $timer > time() is true I am trying to break down the minutes and seconds of the time remaining and echoing them in a basic format that is readable to the user:
$raw = ($timer - $now);
$minutesLeft = floor($raw / 60000);
$totalMinutes2Mils = $minutesLeft * 60000;
$totalRemainingSecs = round(($raw - $totalMinutes2Mils) / (1000));
echo "You are still laying low from the last job you ran. You still have ".$minutesLeft." Minutes and ".$totalRemainingSecs." Seconds left.";
My problem is, the time does not appear to be shifting when I refresh/reload the page.
I echoed both time() and $timer and they are 15000 milliseconds apart when I first loaded it, so this should only exist (conditional be true) for about 2.5 minutes, but I've been working at least 5 minutes since my last set and it's still at 14 seconds.
Can someone please double check my math to make sure I'm calculating this correctly? Thanks!
The time() function returns the current time in the number of seconds since the Unix Epoch (January 1 1970 00:00:00 GMT).
http://www.w3schools.com/php/func_date_time.asp
You are treating it as milliseconds, but should be treating it as straight seconds. take about /1000 and you should be ok.
$minutesLeft = floor($raw / 60);
$totalMinutes2Mils = $minutesLeft * 60;
$newTime = time() + (60*2.5); // 2.5 minutes from "now"
time() returns seconds, not milliseconds, so you should add 150 instead of 15000 to get 2:30 minutes.
We already know that the following code in PHP will log the user out after 5 mins of inactivity.
$timeout = 5*60; // Set timeout minutes
$logout_redirect_url = "index.php"; // Set logout URL
if (isset($_SESSION['start_time'])) {
$elapsed_time = time() - $_SESSION['start_time'];
if ($elapsed_time >= $timeout) {
session_unset();
session_destroy();
header("Location: $logout_redirect_url");
}
}
$_SESSION['start_time'] = time();
I want to implement a modification of the current code and do something like this:
Assume the user logs out when he had 3 minutes left before automatic logout(assuming the time doesn't restart for him after his inactivity for 2 minutes), we keep track of the time he has left by storing it in a DB (MySQL) and later on start reducing from the same 3 minutes after he logs back in. How can i do this?
Track by the time used, not the currentTime/storedTime. Just use those to figure out the time remaining. This is a quick example. There may be some small errors and improvements that can be made. It should be plenty to help you implement a solution.
User visits page:
if (empty($_SESSION['start_time'])) {
$_SESSION['start-time'] = time();
}
$timeLeft = //get time from db
//if there is a value in the db, that is the time left, otherwise, use the max time allowed (new timer)
$timeLeft = (!empty($timeLeft)) ? $timeLeft : $timeAllowed
$timePassed = time() - $_SESSION['start_time'];
if ($timePassed > $timeAllowed) {
//logout
}
Then, when the user leaves:
$timeLeft = $timeAllowed - (time() - $_SESSION['start_time']);
//Store $timeLeft in the database - should be a value like 180 (3 minutes)
I have a time() value saved in a variable like this:
$latest_attempt = 1337980678;
I am trying to calculate some delay.
$remaining_delay = time() - $latest_attempt - $delay;
However the result of $remaining_delay is increasing when I update the browser, and not the way around.
"You must wait 95 seconds before your next login attempt"
If I update some seconds later "You must wait 102 seconds before your next login attempt"
It's doing the opposite what it should doing, instead it would rather decrease than increase. What have I done wrong? I believe I need to do something with latest_attempt variable, but I could not find anything i the php manual.
I'd say, something like this:
$remaining_delay = $latest_attempt + $delay - time();
$time_since_last = time() - $last_attempt;
if ($time_since_last <= $delay) {
$remaining = $delay - $time_since_last;
} else {
... good to go ... delay's expired
}
The remaining delay is the difference between that moment in time when the blockage expires ($last_attempt + $delay because from $last_attempt on, the user is blocked for a period of $delay) and the current time (time()) - therefore the correct formula is:
$remaining_delay = ($latest_attempt + $delay) - time();
if ($remaining_delay > 0) {
die('Access denied, you need to wait another '. $remaining_delay .' seconds');
}