Expire Session When Not Active |
I would like to ask on how to automatically expired user session when it's not active? I find out that CI never expire it's session and when I tried to make $config['sess_time_to_update'] lower than $config['sess_expiration'] it expired even if the user is actively using the web application. Thanks in advance.
There are those who tell lies with meaning behind them and those meaning less lies!
PHP Code: $config['sess_expiration'] = 0; // Session will expire on web browser close. What did you Try? What did you Get? What did you Expect?
Joined CodeIgniter Community 2009. ( Skype: insitfx )
(04-28-2017, 04:50 AM)arisroyo Wrote: Or maybe something like this in MY_Controller if yu like to kick out people who are inactive (=makes no requests): http://stackoverflow.com/questions/91245...or-15-mins Depends what you mean with "not active".
04-29-2017, 04:07 AM
(This post was last modified: 04-29-2017, 04:08 AM by arisroyo. Edit Reason: words )
Thanks to both of you that helps a lot.
The logic is if user is keep using the web application the session must continue and if inactive for 15 minutes for the session should be expired even without closing the browser. So I combine PHP.ini session configuration with CI session configuration PHP.ini Session Configuration session.gc_maxlifetime = 900 (15 minutes) CodeIgniter Configuration $config['sess_expiration'] = 900; (15 Minutes) $config['sess_time_to_update'] = 450; (7 half minutes for update)
There are those who tell lies with meaning behind them and those meaning less lies!
If you need to check the time then you would need to use a javascript timer event for check like that,
then you could just have the sessions not expire until browser close. If you need to keep them logged it then you could do an autoload user on web site access using a remember me cookie. What did you Try? What did you Get? What did you Expect?
Joined CodeIgniter Community 2009. ( Skype: insitfx )
I think you should be OK by setting time() in a sesssion on each request. Every new request compares time() with the timestamp you put in the session on the old request. If the diff is >15 min, kick the user out by destroying and unset the session, If the diff is < 1 min overwtire the session with the new time().
With database sessions, you could always do a delete query for timestamps older than X mins. Run this via cron every minute or whenever you feel like it.
|
Welcome Guest, Not a member yet? Register Sign In |