I have some code that I added to try and prevent the user from auto logging out (session). - but it still logs the user after so long
What I want is for the user to be able to access multiple pages when logged in and not log them out if they go idle, hence why I put a large idle time - or in other words , stay logged in until they decide to click logout.
login-page
$result = mysqli_query($connection,$query) or die(mysql_error());
$rows = mysqli_num_rows($result);
if($rows==1){
$_SESSION['username'] = $username;
$_SESSION['username']=time();
// Redirect user to index.php
header("Location: admin-index.php");
}else{
$_SESSION['incorrect'] = 'Incorrect email or password. Please try again.';
header ("Location: admin-login.php?=incorrectlogin");
}
}
logged in index page
<?php
session_start();
$idletime=6000000;
if (time()-$_SESSION['username']>$idletime){
session_destroy();
session_unset();
header ("Location: admin-login.php");
}else{
$_SESSION['username']=time();
}
//on session creation
$_SESSION['username']=time();
?>
<!DOCTYPE html>
<html lang="en" >
<head>
second php page
<?php
session_start();
if(!isset($_SESSION["username"])){
header("Location: admin-login.php");
exit(); }
?>