Please excuse me, I know there are some questions on stack overflow regarding this, but I don't find any solution that suits my problem. I've a problem, when the session is expired the page is not reloading automatically. Please help. Thank You! Any help would be appreciated.
This is the code I've tried, $_SESSION['created'] = time();
if((time() - $_SESSION['created']) > 600) {
header("Refresh: 1;url='logout.php'");
} else {
$_SESSION['created'] = time();
}
As per your need you have to check the session each seconds once session is valid or not in server side so do something like this.
1) Created a javascript and ajax for checking a session is expired or not in server side each seconds once
2) session.php page to check the valid session or not
3) Then return the 1 or -1 based on that trigger the location.reload() function it automatically moved to logout.php because your top condition become true now.
session.php
<?php
session_start();
if(!isset( $_SESSION['created'] ) || (time() - $_SESSION['created']) > 600) {
session_destroy();
echo "-1";
} else {
echo "1";
}
?>
Paste this javascript in each and every page
Java Script :
<script type="text/javascript">
function session_checking()
{
$.post( "session.php", function( data ) {
if(data == "-1")
{
alert("Your session has been expired!");
location.reload();
}
});
}
var validateSession = setInterval(session_checking, 1000);
</script>
This code should be each page top
if(!isset( $_SESSION['created'] ) || (time() - $_SESSION['created']) > 600) {
header("Refresh: 1;url=logout.php");
} else {
$_SESSION['created'] = time();
}
My url is opening in all browsers even when I am using sessions. Ex abc.com/123.php without users logged in. This opens up in all browsers. I am using this code.All codes are in < php open/close tags ok codes which ia m using are
<?php
session_start();
if (isset($_SESSION['LAST_REQUEST_TIME'])) {
if (time() - $_SESSION['LAST_REQUEST_TIME'] > 600) {
// session timed out, last request is longer than 10 minutes ago
unset($_SESSION);
session_destroy();
header("location:userlogin.php");
}
} else {
$_SESSION['LAST_REQUEST_TIME'] = time();
}
if($_SESSION['username']=="");
?>
I am not sure that this compiles well. Because there are a couple of problems.
Be careful with this line of code:
if($_SESSION['username']=="");
This means that true part of this if statement finishes at semicolon.
Second thing is that your else part is never executed but printed as regular HTML.
I would write it like this:
<?php
session_start();
if (isset($_SESSION['LAST_REQUEST_TIME'])) {
if (time() - $_SESSION['LAST_REQUEST_TIME'] > 600) {
// session timed out, last request is longer than 10 minutes ago
unset($_SESSION);
session_destroy();
header("location:userlogin.php");
}
} else {
$_SESSION['LAST_REQUEST_TIME'] = time();
}
if(isset($_SESSION['username'])) {
?>
///////SOME HTML CODE/////
<?php
} else {
header("location:to_some_login_page.php");
}
?>
And I believe that is what you intended to to with closing <?php tag.
Also for readability I suggest you to do just this:
if ($_SESSION['username']!="") {
header("location:to_some_login_page.php");
}
So you don't even need else part, because as soon as header is set, he will be redirected.
Because your
else {
header("location:to_some_login_page.php");
}
is outside of <?php ?>
Try This:
<?php
session_start();
if (isset($_SESSION['LAST_REQUEST_TIME'])) {
if (time() - $_SESSION['LAST_REQUEST_TIME'] > 600) {
// session timed out, last request is longer than 10 minutes ago
unset($_SESSION);
session_destroy();
header("location:userlogin.php");
}
else {
$_SESSION['LAST_REQUEST_TIME'] = time();
}
if($_SESSION['username']=="");
///////your code/////
}
else {
header("location:to_some_login_page.php");
}
?>
I have a website in php which has a log in system. I would like to log the user out after 10min if the website is inactive. To do this I was going to use the following code:
session_start();
// set timeout period in seconds
$inactive = 600;
// check to see if $_SESSION['timeout'] is set
if(isset($_SESSION['timeout']) ) {
$session_life = time() - $_SESSION['start'];
if($session_life > $inactive) {
session_destroy();
header("Location: index.php");
}
}
$_SESSION['timeout'] = time();
However when I run the website and refresh the page it logs out and directs the page to "index.php" even before the "600 seconds" have passed.
What might be the problem here and how can I know that the page has inactive?
Thanks a lot for your help.
session_start();
// set timeout period in seconds
$session_timeout = 600;
if (!isset($_SESSION['last_visit'])) { $_SESSION['last_visit'] = time(); } // I like brackets!
if((time() - $_SESSION['last_visit']) > $session_timeout) {
session_destroy();
header("Location: index.php"); // think about user feedback, "your session timed out" ... index.php?action=session_timeout
exit; // <= IMPORTANT !!!
}
$_SESSION['last_visit'] = time();
Where did you define $_SESSION['start' ]? I test this:
$session_life = time() - $_SESSION['start'];
echo $session_life ,' - ', $_SESSION['timeout'];
die();
And both $session_life and $_SESSION['timeout'] has the same values so the question is, which value takes $_SESSION['start']?
My web structure is
Header-of-page
Nav Link || iFrame
Footer
I'm Trying to handle session timeout, when session has timeout I'm trying to redirect page to login page, this works fine(session timeout).
Problem:
When I'm redirecting the page,login page is displayed in iFrame, which is not expected.
How can I redirect to login page(whole window),rather than opeing it in iFrame.
I Tried:
1. using header
2. using javascript(Commented)
<?php session_start();
$timeout = 1; // Set timeout minutes
$timeout = $timeout * 60; // Converts minutes to seconds
if (isset($_SESSION['timeout']))
{
$session_life = time() - $_SESSION['timeout'];
if ($session_life > $timeout)
{
session_destroy();
header("Location: login.php?msg=timeout");
// echo '<script language="javascript">';
// echo 'window.location.replace("login.php");';
// echo '</script>';
}
}
$_SESSION['timeout'] = time();
?>
Please guide me for this issue. Thanks!
Try this: window.top.location.href = "http://www.site.com";
As long as this is on the same domain name.
More here: Redirect parent window from an iframe action
use this one
in script window.parent.location='http://localhost/users/login.php'
or follow this link
https://forums.digitalpoint.com/threads/button-to-navigate-to-a-new-page-but-exit-the-iframe-too.1846291/
hope you will get solution.
create form with target="_parent" and action="login.php"
and submit using $(form).submit();
The problem here is than the iFrame is a another window in the partent window.
So when is begin redirected the iFrame only affect self (Not the parent or partents of the parent).
To don't use javascript we can put a link to login.php wich target the parent.
Goto login.php
_top will target the top window frame.
http://reference.sitepoint.com/html/a/target#target__li5 Read about target attribute set on _top.
The other method is using javascript:
window.top.location.assign("http://www.yoursite.com/login.php"); // Redirect
// window top frame to "http://yoursite.com/login.php"
Please read following links about javascript window documentation:
http://www.w3schools.com/jsref/prop_win_top.asp
http://www.w3schools.com/js/js_window_location.asp
In case yo want a "PHP" code, just use echo
http://www.php.net/manual/en/function.echo.php
I hope this mightly helps.
one of the probably mistakes,
if the encoding of this file is "UTF-8" it will create 2 hidden characters in the top of the file.
To fix this issue, try to change the encoding to "UTF-8 without BOM"
you can put a exit; after the redirect
<?php session_start();
$timeout = 1; // Set timeout minutes
$timeout = $timeout * 60; // Converts minutes to seconds
if (isset($_SESSION['timeout']))
{
$session_life = time() - $_SESSION['timeout'];
if ($session_life > $timeout)
{
session_destroy();
header("Location: login.php?msg=timeout");
exit(); // LOOK AT THIS LINE
// echo '<script language="javascript">';
// echo 'window.location.replace("login.php");';
// echo '</script>';
}
}
$_SESSION['timeout'] = time();
?>
Try this way. Php redirection works before JS redirection so browser never runs JS.
which that's the only way you can redirect whole window object.
<?php session_start();
$timeout = 1; // Set timeout minutes
$timeout = $timeout * 60; // Converts minutes to seconds
if (isset($_SESSION['timeout']))
{
$session_life = time() - $_SESSION['timeout'];
if ($session_life > $timeout)
{
session_destroy();
// header("Location: login.php?msg=timeout");
echo '<script language="javascript">window.top.location.href = "login.php?msg=timeout";</script>';
}
}
$_SESSION['timeout'] = time();
You would need to break the iframe. Try this..
if(this != top){
top.location.href = this.location.href;
}
OR (with doc reference)
if(this != top){
top.document.location.href = this.document.location.href;
}
Alternatively
this.top.location !== this.location && (this.top.location = this.location);
I am guessing this php being in the file running in the iframe in that case you have to instruct the parent window to redirect to login.
Echo the below code from php so when you page will render in browser, it will instruct the script to reload the page. But for the page not to load the rest of the page issue an exit(0). Your final script should look like below.
<?php session_start();
$timeout = 1; // Set timeout minutes
$timeout = $timeout * 60; // Converts minutes to seconds
if (isset($_SESSION['timeout']))
{
$session_life = time() - $_SESSION['timeout'];
if ($session_life > $timeout)
{
session_destroy();
echo '<script language="javascript">';
//Echo the exact full url to your login page
echo 'window.parent.location="login.php?msg=timeout"';
echo '</script>';
exit(0); // So script won't go further displaying the page
}
}
$_SESSION['timeout'] = time();
?>
Hope that helps.
Check this solution out. I would put it before the header to prevent flickering. This way, your page will be prevented from swallowing itself.
http://usablelayout.com/articles/automatically-break-out-iframe
<script type="text/javascript">
<!--
if (top.location!= self.location) {
top.location = self.location.href
}
//-->
</script>
If you are using the login action on the same page, Header redirection will not work.
you can use simple the window.location.href='url';
For the login , you have to send the login query to new page, from there you can easily redirect easily...
Try this one
php
echo "<script> window.location='forgot.php'</script>";
html
<META HTTP-EQUIV="REFRESH" CONTENT="3;URL=http://google.com">
I have a script to protect the webpages so that only registered member of my site access certain pages say i call that memberprotect.php and in that file itself i am adding an script that will keep the sesion active for 360 seconds and if the webpage is inactive for more that 360 seconds i want to redirect the page to logintimeout.php. but my problem is the script automatically taking the member page to loin.php instead of logintimeout.php pls help or sugest what i should do . pasting the entire script below
<?
session_start();
// set timeout period in seconds
$inactive = 360;
// check to see if $_SESSION['timeout'] is set
if(isset($_SESSION['timeout']) ) {
$session_life = time() - $_SESSION['timeout'];
if($session_life > $inactive)
{ session_destroy();
header('Location:logintimeout.php'); }
}
$_SESSION['timeout'] = time();
if(!session_is_registered(myusername))
{
header('location:login.php');
}
?>
When you issue a location header, you should stop the script from executing any further. For example:
<?php
header("location:http://www.google.co.uk/");
exit();
?>