session timeout


clonmelog
01-24-2005, 10:08 AM
I'm creating an admin interface for a web project and I'm looking to have a basic PHP page time out after 10 minutes should the user leave it idle, i.e. doesn't click any links on the page.

Anyone have any idea on how to do this???

thanks!

DaiWelsh
01-24-2005, 10:14 AM
Just use a <meta http-equiv="refresh" content="60;logout.php"> pseudo-header to redirect to a logout script after the specified time. JavaScript could do it too, but better to avoid it when not required.

HTH,

Dai

clonmelog
01-24-2005, 10:23 AM
thanks works great!!!!:)

One more thing: what would be the best way to disable the back button, as in stopping someone just re-accessing the admin panel by hitting the back button? I know JavaScript can be used but don't fancy it to be honest!:eek:

DaiWelsh
01-24-2005, 10:44 AM
However much of a good idea it sounds, disabling the back button is a no-no - it won't stop hackers (who know how to view the cached pages) but could well annoy genuine users. As long as your code is sensibly written they should not be able to do anything (editing, deleting etc.) after using 'back' to see the pages, just see what was on screen.

If you are really worried you could open a fresh window using JavaScript when the admin console starts and then use JavaScript to close that window on logout, but that may fall foul of popup blockers, so probably the best bet would just be to set the expiry on your pages to a very short period and tell the users to close the browser when they finish. If they are on a shared PC and don't take the time to log out and close the browser then it is their own lookout ;)

HTH,

Dai

clonmelog
01-25-2005, 07:06 AM
I was talking to a friend who has told me that one can insert an extra row into your database table for the user login which takes a timestamp when the user logs in and as a result has an auto timeout?

Any idea of this?

scragar
01-25-2005, 07:15 AM
a few points:

1: just send a header to prevent the caching of pages and make it expire instantly, this avoids most problems like the back button.

2: the database idea is quite simple but not recommended, sessions automatically expire after a set time (change your php.ini file to alter this)

clonmelog
01-25-2005, 07:21 AM
Originally posted by scragar
a few points:

1: just send a header to prevent the caching of pages and make it expire instantly, this avoids most problems like the back button.

2: the database idea is quite simple but not recommended, sessions automatically expire after a set time (change your php.ini file to alter this)

I get ya on the php.ini file but do you have any link on the other method? I am clueless on that I'm afraid:mad:

scragar
01-25-2005, 07:40 AM
with metas:
<meta http-equiv="Expires" content="Tue, 01 Jan 2000 12:12:12 GMT">
<meta http-equiv="Pragma" content="no-cache">

with headers:
<?php // must run before any page output is sent
header('Cache-Control: no-cache');
header('Pragma: no-cache'); ?>
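
Added example, not posted by anyone in this thread: the meta refresh and cache headers above only act in the browser, so this sketch enforces the 10-minute idle limit on the server by keeping a last-activity timestamp in the PHP session. The names auth_guard.php, login.php, require_active_admin(), $_SESSION['user_id'] and $_SESSION['last_activity'] are assumptions; the login code is assumed to set both session values.

```php
<?php
// auth_guard.php (hypothetical name): include it and call require_active_admin()
// at the top of every admin page, before any output is sent.
const IDLE_LIMIT = 600; // 10 minutes, in seconds

// True when there is no activity stamp or the session has been idle too long.
function idle_expired(array $session, int $now, int $limit = IDLE_LIMIT): bool
{
    if (!isset($session['last_activity'])) {
        return true;
    }
    return ($now - (int) $session['last_activity']) > $limit;
}

// Wipe the session data, the session cookie and the server-side session file.
function end_session(): void
{
    $_SESSION = [];
    if (ini_get('session.use_cookies')) {
        $p = session_get_cookie_params();
        setcookie(session_name(), '', time() - 42000,
                  $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    }
    session_destroy();
}

function require_active_admin(): void
{
    session_start();
    // Ask the browser not to keep a copy that the back button could show.
    header('Cache-Control: no-store, no-cache, must-revalidate');
    header('Pragma: no-cache');
    header('Expires: Tue, 01 Jan 2000 12:12:12 GMT');

    if (!isset($_SESSION['user_id']) || idle_expired($_SESSION, time())) {
        end_session();
        header('Location: login.php'); // hypothetical login page
        exit;
    }
    $_SESSION['last_activity'] = time(); // each request resets the idle clock
}

if (PHP_SAPI === 'cli') {
    // Constructed sample values: a session idle for 11 minutes, then for 5.
    var_dump(idle_expired(['last_activity' => 1000], 1000 + 660));
    var_dump(idle_expired(['last_activity' => 1000], 1000 + 300));
}
```

Because the check runs on every request, a page reached with the back button after the limit cannot perform any action; the next click lands on the login page.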