How to remove a user from inactivity?

Question

How to remove a user from inactivity?

Navigation

#1 by (0 votes)

1

I would like to know how to remove a user when it becomes inactive on the page, for example in PHPMyAdmin, which removes the user after 24 minutes of inactivity?

If the first part is very difficult to explain could they at least tell if this is a correct code to make the removal of the idle user? Are there any security holes? Are there any possible improvements? Possible problems?

<?php
if ( isset($_SESSION['ultimoClick']) && !empty($_SESSION['ultimoClick']) ) {

$tempoAtual = time();

if ( ($tempoAtual - $_SESSION['ultimoClick']) > '900' ) {
session_unset($_SESSION['ultimoClick']);
$_SESSION = array();
session_destroy();
header("Location:logout.php");
exit();

}else{

$_SESSION['ultimoClick'] = time();

}

}else{

$_SESSION['ultimoClick'] = time();

}
?>

php session

asked by anonymous 19.07.2017 / 16:31

1 answer

Problems in Laravel Resources 5.4 within Groups Not returning the value when I use the QT C ++ query

score 0 · Answer 1

Your code will destroy the session after 15 minutes. Although the difference is not much, I would do something like this:

<?php
    session_start();

    // 10 minutos em segundos
    $inactive = 600; 

    $session_life = time() - $_session['timeout'];

    if($session_life > $inactive)
    {  session_destroy(); header("Location: logout.php");     }

    S_session['timeout'] = time();
?>