duanchi1230 2012-03-10 23:30
浏览 35
已采纳

会话过期时的PHP +注销成员

I've a site where people login and a SESSION is created.

I have noticed that if you leave the site for long enough (not sure exact time frame) the session ends but the members is still in the site. They can still click and navigate around and I believe this has resulted in some meaningless data in the DB as SESSION variables like userID don't exist.

I was looking for advice around logging users out when the SESSION ends. I have looked at code like this - any better ideas?

 <?php if(!isset($_SESSION[]) {header(loginpage.php);}?>

Is there a better way to write the above code?

Where should this code be placed? Just on the navigation menu or really on any place a user can click?

Finally is there a way to understand when the SESSION naturally expires - is there a SESSION variable I can print to screen to see the timeleft etc?

thanks

  • 写回答

2条回答 默认 最新

  • duanqun7761 2012-03-10 23:37
    关注

    You need to validate the session, you already headed into that direction with your code, but it's not enough:

    <?php if(!isset($_SESSION[]) {header(loginpage.php);}?>

    It's not enough because $_SESSION[] exists automatically after the session is started (the session mechanism in PHP, see session_start).

    Instead, if you have saved the userID inside the session, check that one:

    isset($_SESSION['userID'])

    If the session really expired, it should not be set.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 执行 virtuoso 命令后,界面没有,cadence 启动不起来
  • ¥50 comfyui下连接animatediff节点生成视频质量非常差的原因
  • ¥20 有关区间dp的问题求解
  • ¥15 多电路系统共用电源的串扰问题
  • ¥15 slam rangenet++配置
  • ¥15 有没有研究水声通信方面的帮我改俩matlab代码
  • ¥15 ubuntu子系统密码忘记
  • ¥15 保护模式-系统加载-段寄存器
  • ¥15 电脑桌面设定一个区域禁止鼠标操作
  • ¥15 求NPF226060磁芯的详细资料