chramya
January 7th, 2008, 06:25 AM
thanks alot for ur kind guidance... i wish to know in httpwatch how could i verify that session has been destroy and which attribute so the session destroy?
Click to See Complete Forum and Search --> : session_destroy
PeejAvery
January 7th, 2008, 08:23 AM
Sessions are handled on the server side. Some web applications store a cookie with a session ID. But that won't tell you much because it depends on the programming and not directly on the server sessions.
chramya
January 9th, 2008, 12:12 AM
Session is not getting destroy even i used session_destroy() function.. What will be the Problem....Is there any problem in Installation
Thanks,
Thanks,
PeejAvery
January 9th, 2008, 07:56 AM
It won't be an installation issue. If there is an installation problem, nothing would work.
If you are calling session_destroy() it will work unless you are calling it wrong. Or if you have created a session id, it must be unset. Really, it would help if we could see your code. Please post it using [code] tags.
[code]
put your code in here
[/code]
If you are calling session_destroy() it will work unless you are calling it wrong. Or if you have created a session id, it must be unset. Really, it would help if we could see your code. Please post it using [code] tags.
[code]
put your code in here
[/code]
chramya
January 9th, 2008, 11:58 PM
This is main.php file...............
<html>
<body>
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="checklogin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><center><strong>Member Login </strong></center></td>
</tr>
<tr>
<td width="78"> Email ID</td>
<td width="6">:</td>
<td width="294"><input name="email" type="text" id="email"></td>
</tr>
<tr>
<td> Password</td>
<td>:</td>
<td><input name="mypassword" type="password" id="mypassword"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
</body>
</html>
This is checklogin.php file..............
<?php
session_start();
$currentTime = date('YmdHis');
$expireTime = (isset($_SESSION['expireTime'])) ? $_SESSION['expireTime'] : $currentTime;
if($currentTime > $expireTime)
{
session_destroy();
header('Location: main.php');
exit;
}
if(isset($_POST['email'])){
$conn = odbc_connect('validate', '', '');
if(!$conn){exit('Connection Failed: ' . $conn);}
$email = $_POST['email'];
$mypassword = $_POST['mypassword'];
$sql = "SELECT * FROM user1 WHERE email = '$email' and password = '$mypassword'";
$rs = odbc_exec($conn,$sql);
$count = odbc_num_rows($rs);
if($count==1){
$y = date('Y');
$m = date('m');
$d = date('d');
$h = date('H');
$i = date('i');
$s = date('s');
$_SESSION['expireTime'] = date('YmdHis', mktime($h, $i + 30, $s, $m, $d, $y));
$_SESSION['email'] = $email;
$_SESSION['mypassword'] = $mypassword;
echo 'Login success';
}
else{
header('Location: main.php');
}
odbc_close($conn);
}
?>
<html>
<body>
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="checklogin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><center><strong>Member Login </strong></center></td>
</tr>
<tr>
<td width="78"> Email ID</td>
<td width="6">:</td>
<td width="294"><input name="email" type="text" id="email"></td>
</tr>
<tr>
<td> Password</td>
<td>:</td>
<td><input name="mypassword" type="password" id="mypassword"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
</body>
</html>
This is checklogin.php file..............
<?php
session_start();
$currentTime = date('YmdHis');
$expireTime = (isset($_SESSION['expireTime'])) ? $_SESSION['expireTime'] : $currentTime;
if($currentTime > $expireTime)
{
session_destroy();
header('Location: main.php');
exit;
}
if(isset($_POST['email'])){
$conn = odbc_connect('validate', '', '');
if(!$conn){exit('Connection Failed: ' . $conn);}
$email = $_POST['email'];
$mypassword = $_POST['mypassword'];
$sql = "SELECT * FROM user1 WHERE email = '$email' and password = '$mypassword'";
$rs = odbc_exec($conn,$sql);
$count = odbc_num_rows($rs);
if($count==1){
$y = date('Y');
$m = date('m');
$d = date('d');
$h = date('H');
$i = date('i');
$s = date('s');
$_SESSION['expireTime'] = date('YmdHis', mktime($h, $i + 30, $s, $m, $d, $y));
$_SESSION['email'] = $email;
$_SESSION['mypassword'] = $mypassword;
echo 'Login success';
}
else{
header('Location: main.php');
}
odbc_close($conn);
}
?>
PeejAvery
January 10th, 2008, 07:47 AM
Notice that your if statement to destroy the session is before the if statement to create it. If there is POST, even if the session is destroyed, it will be created again.
chramya
January 16th, 2008, 01:19 AM
I write if statement for session destroy after the else statement of POST it doesnt show any difference. Still page is not redirected...
PeejAvery
January 16th, 2008, 07:38 AM
If the user isn't being redirected either, than your if statement isn't being called either.
Above the if statement echo both of the variables $currentTime $expireTime to make sure that the first is greater than the second.
Above the if statement echo both of the variables $currentTime $expireTime to make sure that the first is greater than the second.
ludakot
January 16th, 2008, 09:38 AM
Shouldn't if($currentTime > $expireTime) be at the very bottom? Because you set value on $_SESSION['expireTime'] way down there so actually $currentTime and $expireTime are same. Because $_SESSION['expireTime'] doesn't have a value yet way up there thus $expireTime == $currentTime according to your ? : statement.
PeejAvery
January 16th, 2008, 09:48 AM
I already suggested that.
ludakot
January 16th, 2008, 11:46 AM
I already suggested that.
Yes but he said it didn't work which means one thing he's doing it wrong again.
So the if statement where session_destroy is never returns true which means $currentTime and $expireTime are same despite his claims that he tried putting it in the bottom. I was just trying to explain/show his error.
Yes but he said it didn't work which means one thing he's doing it wrong again.
So the if statement where session_destroy is never returns true which means $currentTime and $expireTime are same despite his claims that he tried putting it in the bottom. I was just trying to explain/show his error.
PeejAvery
January 16th, 2008, 01:42 PM
Your misunderstanding me. I am saying that I suggested both already.
chramya
January 16th, 2008, 11:42 PM
Expire time is greater than current time.. No problem in that but my user is not redirected automatically to Login page after particular time.....
expireTime is greater than current time.. wat to do to get off from this problem and my page have to redirect to login page after 5 minutes of idle time.....
page is redirecting but one problem.... after idle time when i refresh the page means it redirects to login page... it was not automatically redirecting.... wat is solution for this
expireTime is greater than current time.. wat to do to get off from this problem and my page have to redirect to login page after 5 minutes of idle time.....
page is redirecting but one problem.... after idle time when i refresh the page means it redirects to login page... it was not automatically redirecting.... wat is solution for this
PeejAvery
January 17th, 2008, 08:30 AM
after idle time when i refresh the page means it redirects to login page... it was not automatically redirecting.... wat is solution for this
This is different from what you have been asking. That is why ludakot and I were not able to help you.
What you need to do is the same thing that you already have done with the session variable expireTime. Instead, name it lastActivity. Now, at every page you will need to update it with the current time, as well as check it to see if it is past its activity expiration time.
Summary: Do the exact same thing with the variable lastActivity, you just have to set its value every page (below when it checks to see if it is expired), not just at logon.
This is different from what you have been asking. That is why ludakot and I were not able to help you.
What you need to do is the same thing that you already have done with the session variable expireTime. Instead, name it lastActivity. Now, at every page you will need to update it with the current time, as well as check it to see if it is past its activity expiration time.
Summary: Do the exact same thing with the variable lastActivity, you just have to set its value every page (below when it checks to see if it is expired), not just at logon.
codeguru.com
Copyright Internet.com Inc., All Rights Reserved.
Copyright Internet.com Inc., All Rights Reserved.