2017-01-17 09:53
浏览 59

如果浏览器关闭,PHP Autologout功能无法正常工作

I am aware that similar questions have been asked, but none seem to have a good solution. I have a auto logout function ( see below).

However if the tab/browser is closed, the session is never destroyed, and more importantly the DB table tblTimeLog is not updated.

What I want to do is for the "timer to keep running" even tho the browser or tab is closed. Any suggestions on how to achieve this?

Auto logout function:


// set timeout period in seconds
$idleTime = 2400;
header("refresh: 2400");

// check to see if $_SESSION['timeout'] is set
if(isset($_SESSION['timeout']) ) {
    $session_life = time() - $_SESSION['timeout'];
    if($session_life > $idleTime) { 
        $db->Execute("UPDATE tblTimeLog SET LogoutTime = NOW() WHERE sid ='".session_id()."'".$row['konsulentid'].'');
        header("Location: login.php?loggut");
$_SESSION['timeout'] = time(); 

图片转代码服务由CSDN问答提供 功能建议

我知道已经提出了类似的问题,但似乎都没有一个好的解决方案。 我有一个自动注销功能(见下文)。

但是,如果选项卡/浏览器关闭,会话永远不会被销毁,更重要的是DB表 tblTimeLog 不会更新。

我想要做的是“定时器继续运行”,即使浏览器或标签已关闭。 有关如何实现此目的的任何建议吗?


 /  /设置超时时间(秒)
 $ idleTime = 2400; 
 //检查$ _SESSION ['timeout']是否设置为
if(isset($ _ SESSION [  'timeout'])){
 $ session_life = time() -  $ _SESSION ['timeout']; 
 if($ session_life&gt; $ idleTime){
 $ db-&gt; Execute(“UPDATE tblTimeLog SET LogoutTime  = NOW()WHERE sid ='“。session_id()。”'“。$ row ['konsulentid']。''); 
 $ _SESSION ['timeout'] = time();  
  • 写回答
  • 好问题 提建议
  • 追加酬金
  • 关注问题
  • 收藏
  • 邀请回答

2条回答 默认 最新

  • dpitqpax07626 2017-01-17 10:05

    Your issue is that the auto-logout only takes effect upon a request to your server.

    You want your system to log users out regardless of whether they're still making requests or not.

    One simple solution would be to set up a cron job to call a PHP script every minute or so. Have the script loop through all users, and log them out if necessary. This would require you to additionally store the last time they made a request in the database, as that's currently stored in a session that you would not have access to in a different script.

    Alternatively, on a successful (logged in) request, you could schedule a script to log the user out. On each subsequent request, cancel that scheduled execution and schedule another.

    Which solution you choose will depend on your exact system. Weigh up the pros and cons of each. The first might not be suitable, for example, because it will run all the time regardless of whether anyone is actually logged in.

    解决 无用
    打赏 举报

相关推荐 更多相似问题