SitePoint Sponsor

User Tag List

Results 1 to 5 of 5
  1. #1
    SitePoint Enthusiast
    Join Date
    Feb 2004
    Location
    Body
    Posts
    53
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Kill session after 20 minutes

    I'd like to kill a session after a user has been inactive for 20 minutes. My logic is as follows:

    1. Select all the users currently flagged as 'logged in'
    2. Check to see when they last did something on the site
    3. If the difference between the current time and the time they last did something is greater than 20 minutes set them to logged out, and kill their session.

    Here's my code:
    Code:
    <?
    //When a user logs in... isLoggedIn is set to 1.  Return all users that are currently flagged as logged in
    //Any time a user accesses a new page on the site, or performs an action on an existing page, lastActionTime is updated
    $sql="select user, lastActionTime from userTable where isLoggedIn=1";
    $result=@mysql_query($sql);
    
    while ($row=@mysql_fetch_array($result)){
    $user=$row['user'];
    $lastActionTime =$row['lastActionTime'];
    
    //if the difference between the current time and the last time the user did something is greater than 20 minutes the user is considered inactive... update isLoggedIn to 0, and kill the user's session
    $logOutTime=$lastActionTime+1201;
    $nowTime=time();
    if($nowTime>=$logOutTime){
    $update="UPDATE userTable set isLoggedIn=0 where user='$user'";
    $updateResult=mysql_query($update);
    unset($_SESSION['user']);
    }
    }
    ?>
    isLoggedIn is correctly updated when appropriate, but the session for the individual user is not terminated.

    My intent is to run this from a cron every 20 minutes to maintain an active list of "Who's online". Any ideas on how I can adjust this code to implement this functionality?

    Thank you for your time.

  2. #2
    Twitter: @AnthonySterling silver trophy AnthonySterling's Avatar
    Join Date
    Apr 2008
    Location
    North-East, UK.
    Posts
    6,111
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    By session, do you mean PHP session? Or do you handle the users state entirely within your database?
    @AnthonySterling: I'm a PHP developer, a consultant for oopnorth.com and the organiser of @phpne, a PHP User Group covering the North-East of England.

  3. #3
    SitePoint Enthusiast
    Join Date
    Feb 2004
    Location
    Body
    Posts
    53
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I mean PHP session, not stored in a database.

    If the solution is to store the session in a database, I could do that as well... offhand though, this just seemed like the quicker solution.

  4. #4
    Twitter: @AnthonySterling silver trophy AnthonySterling's Avatar
    Join Date
    Apr 2008
    Location
    North-East, UK.
    Posts
    6,111
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    Unless you link the data within your database to the users session, there would be no way for any change in the database to affect the session.

    If you want limited dependency between your database and the users session, I would place a check to see if the users state isLoggedIn from the database on each relevant request.

    If not, perform a session_destroy() and redirect as appropriate.

    I hope I'm making some sense at this late hour!
    @AnthonySterling: I'm a PHP developer, a consultant for oopnorth.com and the organiser of @phpne, a PHP User Group covering the North-East of England.

  5. #5
    SitePoint Wizard bronze trophy
    Join Date
    Jul 2008
    Posts
    5,757
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Code:
    UPDATE userTable
       SET isLoggedIn = 0
     WHERE lastActionTime < CURRENT_TIMESTAMP - INTERVAL 20 MINUTE
    If you run that via cron every 20 minutes, that will log inactive people out after 20-39 minutes of inactivity(the query will sometimes run when some users are at 19 minutes of inactivity, and wont run again until they are 39 minutes inactive. run more frequently if needed.)


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •