I am working on a site for a small (read: <50 users) nonprofit organization that I work with and my PHP knowledge is fairly limited. Currently I have a login script that I found from a tutorial online. The problem I am running into is that each user is logged out after about an hour or so.
Security really isn't an issue with the content and ideally I would like for someone to stayed logged in for multiple days or weeks. However, any search on Google about sessions length nets me people looking to shorten the logout timer.
As far as code goes, once the login page compares username and password to the database and follows with:
session_register("myusername");
session_register("mypassword");
header("location:index.php")
And on each protected page it starts with:
session_start();
if(!session_is_registered(myusername)){
header("location:login.html:);
}
