• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Expire Session When Not Active

#1
Tongue 
Sleepy

I would like to ask on how to automatically expired user session when it's not active?
I find out that CI never expire it's session and when I tried to make $config['sess_time_to_update'] lower than $config['sess_expiration']
it expired even if the user is actively using the web application.

Thanks in advance.
There are those who tell lies with meaning behind them and those meaning less lies!
Reply

#2
PHP Code:
$config['sess_expiration'] = 0// Session will expire on web browser close. 
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply

#3
(04-28-2017, 04:50 AM)arisroyo Wrote: Sleepy

I would like to ask on how to automatically expired user session when it's not active?
I find out that CI never expire it's session  and when I tried to  make $config['sess_time_to_update']  lower than $config['sess_expiration']
it expired even if the user is actively using the web application.

Thanks in advance.

Or maybe something like this in MY_Controller if yu like to kick out people who are inactive (=makes no requests):
http://stackoverflow.com/questions/91245...or-15-mins
Depends what you mean with "not active".
Reply

#4
Thanks to both of you that helps a lot.

The logic is if user is keep using the web application the session must continue and if inactive for 15 minutes for the session should be expired even without closing the browser.

So I combine PHP.ini session configuration with CI session configuration

PHP.ini Session Configuration

session.gc_maxlifetime = 900 (15 minutes)

CodeIgniter Configuration

$config['sess_expiration'] = 900; (15 Minutes)
$config['sess_time_to_update'] = 450; (7 half minutes for update)
There are those who tell lies with meaning behind them and those meaning less lies!
Reply

#5
If you need to check the time then you would need to use a javascript timer event for check like that,
then you could just have the sessions not expire until browser close. If you need to keep them logged it
then you could do an autoload user on web site access using a remember me cookie.
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply

#6
I think you should be OK by setting time() in a sesssion on each request. Every new request compares time() with the timestamp you put in the session on the old request. If the diff is >15 min, kick the user out by destroying and unset the session, If the diff is < 1 min overwtire the session with the new time().
Reply

#7
With database sessions, you could always do a delete query for timestamps older than X mins. Run this via cron every minute or whenever you feel like it.
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.