sergiocesar wrote:
here is the code:
// Control Session Time
if (isset($_SESSION['startTime'])) {
$timeDiff = time() - $_SESSION['startTime'];
//destroy session
if ($timeDiff > 3600) { // 60 minutes
//echo "You've been logged in too long. ($timeDiff)";
$_SESSION = array();
session_destroy();
setcookie('PHPSESSID', '', time()-3600, '/', '', 0,0);
}
} else {
$_SESSION['startTime'] = time();
}
I am not a programmer but it looks to me that this just destroy your session regardless in 1 hour.
actually it should reset the timer at any time IF it has not expired thus only expiring if it has been idle for 1 hour.
I dont have a test box and dont want to mess with something I dont fully understand. it seems to me that if we do this it may work???
// Control Session Time
if (isset($_SESSION['startTime'])) {
$timeDiff = time() - $_SESSION['startTime'];
//destroy session
if ($timeDiff > 3600) { // 60 minutes
//echo "You've been logged in too long. ($timeDiff)";
$_SESSION = array();
session_destroy();
setcookie('PHPSESSID', '', time()-3600, '/', '', 0,0);
}
// reset to zero if we still working..... next 3 lines
else{
$_SESSION['startTime'] = time();
}
} else {
$_SESSION['startTime'] = time();
}
if some smart programmer out there can comment!!!!
Did anyone try this code yet to see if it will work.
Kind Regards,
Les