• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Validating user sessions in PHP/CI

Hi All,
I am sorry if this is a basic question, but I am new to PHP/CI. I am developing a web application using CI and I will need to do a couple of basic things:

1. I will need to logout an inactive user after 20 minutes.
2. I also want a clean way of validating a user session every time they navigate to a URL after they have logged in. The obvious thing that I can think of is to call a validate_user_session method from every function in the controller, but I dont know if that is a clean way of doing it.

Any pointers are appreciated.


[eluser]Dan Bowling[/eluser]
I'm really new to CI, so take my advice with that context.

What I've done on a current project that needed some security, but not a lot, is modified the Session variables setting:

$config['sess_expiration']        = 7200;

That is the timout of the session in seconds (the default is two hours).

In my controllers (all that require authentication), I've put a session check in the constructor:

class Schools extends Controller {

    function Schools()
        if ($this->session->userdata('logged_in')!=TRUE)
            redirect('/authentication/login', 'refresh'); //if no login session, then prompt for login
        else {
    function index()

This looks good and is what I wanted. Thanks!

[eluser]RaZoR LeGaCy[/eluser]
Couldn't do this too?

if (!$this->session->userdata('logged_in'))

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  

  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.