|
PHP - Session Expiration
is there anyway to prevent a sessions from expiring to soon. I believe they are 20 minute sessions, correct. Even if they are not 20 min. is there a way to prevent it from happening?
Similar TutorialsWhen a cookie expires what happens to it? Is it physically removed from your hard-drive? TomTees Hi everyone,
My googling seems to have found an way to add x days to the current date, and I'm sure that finding x days from a date pulled from my database must be pretty similar, but I just can't seem to get it working.
My task involves teachers setting notifications which are displayed for a number of days designated by the teacher.
So when the teacher creates the notiication, the `notificatin_date` field is updated with the timestamp. The `notification_duration` field is an integer between 1 and 21.
I can get this info out of the database without problem:
$notification_set = date('Y-m-d', strtotime($notification['notification_date']));
$notification_duration = $notification['notification_duration'];
echo $notification_duration . "<br/>";
echo $notification_set . "<br/>";
However, when I try and add the duration to the date when the notification was set, to echo the expiry date, I run in to problems. This is what I've got at the current time, but I'm obviously not 'adding' $notification_duration and $notification_set correctly in the first line below, which is causing all my problems. Any help is much appreciated.
$expiration_date = $notification_set + strtotime($notification_duration . "days");
if ($expiration_date> date)
{
echo "Your notification will expire on ";
}
else if ($expiration_date < date)
{
echo "Your notification expired on ";
}
else echo "Your notification expires today ";
echo date('jS', strtotime($expiration_date));
echo " of ";
echo date('F', strtotime($expiration_date));
echo ", ";
echo date('Y', strtotime($expiration_date));
Thanks for your time,
Dave
Is it possible to make curl set the expiration date on cookies? I don't see that the expiration date has been set using the ordinary settings, and I have a problem with a forum using the expiration date to see if the session has expired. I have a payment form with the following code... Code: [Select] <!-- Expiration Month --> <span class="group"> <label class="innerlabel" for="expMonth">Month</label><!-- --> <select id="expMonth" name="expMonth"> <option></option> <option>01</option> <option>02</option> <option>03</option> <option>04</option> <option>05</option> <option>06</option> <option>07</option> <option>08</option> <option>09</option> <option>10</option> <option>11</option> <option>12</option> </select> </span> How is that data represented as far as Data-Type?? Is it treated as a String or an Integer?? How can I ensure that when I sent it to the Payment Gateway that it is treated as a Two-Digit value?? Thanks, Debbie I've been looking for a function or a couple of functions which will allow me to get the Certificate Expiration date for a given website. I've tried openSSL, but their functions only seem to work on the current server, which is useless to me because my server doesn't allow SSL or certificates. I just want the certificate of an external website, e.g. www.gna.org has a certificate (signed by themselves, but a certificate nonetheless). I've also tried cURL, since that allows you to access a remote server, but that will just check their certificate - it doesn't offer any functionality for e.g. checking when it will expire. This seems like a simple enough question, but I haven't found anything about it anywhere, so I'm asking here. Thanks a bunch in advance, -IsmAvatar Hello, I am having trouble setting a cookie with a future expiration. I am using PHP Version 5.1.6. Here is my code: $expire = time() + 60*60*24*30; // 30 days setcookie("TestCookie",$value, $expire); The cookie gets set, however, the cookie is not persistent and expires when I close my browser. This should not be the case but should expire in 30 days. The time() is correct on the server. Here is the raw http headers: Status: HTTP/1.1 200 OK Date: Sat, 26 Mar 2011 15:12:27 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.1.6 Set-Cookie: TestCookie=my+cookie+value; expires=Mon, 25-Apr-2011 15:12:27 GMT Content-Length: 126 Connection: close Content-Type: text/html; charset=UTF-8 However, when I open Firefox or Chrome they both say that the cookie will expire when I close the browser. I know that my browser is accepting cookies properly because I see other cookies from other websites in the cookie list that expire with future dates. I've tried setting a cookie in the future with javascript and it works fine, like the following: $jsExpire = date("D, j M Y H:i:s e", $expire); echo " <script> <!--// document.cookie = 'jscookie=testcookie; expires=$jsExpire; path=/' //--></script> "; However, when still trying to set the cookie (before headers are sent which is how php operates), php fails to set the cookie properly. Is there any kind of setting in php ini that could effect cookie expiration dates? Obviously it's not a browser problem since I can set cookies correctly with javascript but not php. I even tried sending cookie with header() like this and it doesn't set in the futu header("Set-Cookie: TestCookie=my+cookie+value; expires=Mon, 25-Apr-2011 17:26:45 GMT; path=/; domain=.mydomain.com"); Any help appreciated. Hi,
I want to set two expiration dates in a form. Prior to the fall deadline, options A, B, C are displayed. After the fall date has passed, only A and B will be displayed. This works beautifully:
<?php
//SET THE TIME ZONE
date_default_timezone_set('America/New_York');
//CREATE TIMESTAMP VARIABLES
$current_ts = time();
$fall_deadline_ts = mktime(0,0,0,9,1,2014);
$winter_deadline_ts = mktime(0,0,0,12,1,2014);
//IF THE FALL DEADLINE HAS PASSED
if($current_ts > $fall_deadline_ts) {
echo "a, b";
} else {
echo "a, b ,c";
}
?>
How can I tweak this so that after the Winter deadline has ALSO passed, it will only display A, rather than A, B?
Thanks!
I am having trouble resolving an error. Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/s519970/public_html/header.php:27) in /home/s519970/public_html/admin/login.php on line 2 What I can gather is I can't use "header (Location: 'admin.php')" after i've used session_start(). I have tried to replace the header (Location: 'admin.php') with this: echo "<script>document.location.href='admin.php'</script>"; echo "<script>'Content-type: application/octet-stream'</script>"; I've been trying to read up on solutions but haven't been able to get it sorted. If anyone can offer some advice that would be greatly appreciated as im new to php. Code: [Select] <?php session_start(); if(isset($_SESSION['user'])) echo "<script>document.location.href='admin.php'</script>"; echo "<script>'Content-type: application/octet-stream'</script>"; ?> <div id="loginform"> <form action="dologin.php" method="post"> <table> <tr> <td><span>Username:</span></td> <td><input type="text" name="username" /></td> </tr> <tr> <td><span>Password:</span></td> <td><input type="password" name="password" /></td> </tr> <tr> <td colspan="2" align="right"><input type="submit" name="login" value="Login" /></td> </tr> </table> </form> </div> I have tried using require_once('yourpage.php'); before my <head></head> tags in the header document where I've specified the html information but this doesn't seem to work. I've been advised to use ob_start("ob_gzhandler"); but I am not sure how to implement this. Any advice is greatly appreciated! I am trying to create an index page which contains registration and login field the problem that i get is on successful login a warning is displayed session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at C:\xampp\htdocs\Eventz.com\index.php:116) in C:\xampp\htdocs\Eventz.com\index.php on line 235 This is the login part of my index.php this tag is inside an html table below the login form I also have a registration form and its php code above the login form Code: [Select] <?php if (isset($_REQUEST['pass'])) { $id=$_POST['id']; $pass=$_POST['pass']; $conn =mysql_connect("localhost","root",""); if (!$conn) { die('Could not connect: ' . mysql_error()); } /* checking connection....success! */ $e=mysql_select_db('test', $conn); if(!$e) { die(''.mysql_error()); } else { echo 'database selected successfully'; } if (isset($_REQUEST['id']) || (isset($_REQUEST['pass']))) { if($_REQUEST['id'] == "" || $_REQUEST['pass']=="") { echo "login fields cannot be empty"; } else { $sql=mysql_query("Select email,password from login where email='$id' AND password='$pass'"); $count=mysql_num_rows($sql); if($count==1) /* $count checks if username and password are in same row */ { session_start(); $_SESSION['id']=$id; echo "</br>Login Successful</br>"; } else { echo "</br>invalid</br>"; echo "please try to login again</br>"; } } } } ?> Any help or suggestion would be appreciated in this page http://maximaart.com/newscp/ i have this problem Code: [Select] Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/maximasy/public_html/newscp/index.php:1) in /home/maximasy/public_html/newscp/index.php on line 2 my source code is <?php session_start(); include_once("config.php"); include_once("functions.php"); $errorMessage = ''; if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) { if ($_POST['txtUserId'] === "$user" && $_POST['txtPassword'] === "$pass") { // the user id and password match, $_SESSION['basic_is_logged_in'] = true; require("main.php"); exit;?> I'm making a simple login system with MySQL and PHP (very simple, I'm just starting with PHP). The MySQL portion is done, but I need to ensure only people who are logged in can see certain content. To check if people are logged in, my website checks that they have the $_SESSION['user'] variable set. If it is set, then it lets them continue through the website, if not, it tells them to login. Is that enough security, or can people simply inject a session cookie into their browser to spoof that they are logged in? My idea was to generate a session key cookie when they login (just a random string of letters and numbers) and store that in the database, then on every page, check to make sure their session key is the same thing that's in the database. Is this necessary? It seems expensive. hi everyone. i'm wondering what the best way is to create a session variable and pass it to an iframe. i need to do something along these lines, but it doesn't seem to pass the ID. Any hints on how i should accomplish this? Code: [Select] session_start(); $_SESSION['ID']=$_GET['ID']; // id from previous page $ID=session_id(); <iframe src="iframepage.php?ID=<?php echo $ID; ?>" style="width:680px; height:200px;" noresize="noresize" frameborder="0" border="0" scrolling="Yes" allowtransparency="true" /> </iframe> Just curious how other people feel about this. I am working on an application where a lot of info is pulled from MySQL and needed on multiple pages.
Would it make more sense to...
1. Pull all data ONCE and store it in SESSION variables to use on other pages
2. Pull the data from the database on each new page that needs it
I assume the preferred method is #1, but maybe there is some downside to using SESSION variables "too much"?
Side question that's kind of related: As far as URLs, is it preferable to have data stored in them (i.e. domain.com/somepage.php?somedata=something&otherdata=thisdata) or use SESSION variables to store that data so the URLs can stay general/clean (i.e. domain.com/somepage.php)?
Both are probably loaded questions but any possible insight would be appreciated.
Thanks!
Greg
Edited by galvin, 04 November 2014 - 10:30 AM. Evening! I've been iffing and ahhing over this and well im not too sure, hence the post. Code: [Select] // Redirects if there is no session id selected and echos the error on the previous page if(!isset($_GET['get']) || ($_GET['getget'])){ header("Location: #.php?error"); } So it should simply check if get is set if it isnt then see if getget is set? If not redirect and show the error. Now ive tried it and even when get/getget is set it still redirects, probably something silly. Care to share anyone? Harry. People please help me i beg you, been trying to do this same thing for the past 4hours (-) close to giving up on php and learning a new languages :S Well as I was updating my login/sign up because its old and it was not very safe. Now my session are not working, well they work when i set them but it wont destroy so you cant log out. I have tryed doing 100 ways but i get one error or another or it dont work out all. login page <?php session_start(); require_once "../config.php"; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Admin CP</title> <?php $flag=0; if(isset($_POST['Submit'])) { $con = database_connect(); $username = $_POST['username']; $password = $_POST['password']; clean($username); clean($password); $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); mysql_close($con); $md5password= md5($password); database_connect(); $sql="select * from $membertables WHERE username='$username' and password='$md5password' and (userlevel='1' or userlevel='2') "; $res=mysql_query($sql); if(!$res) { die('error in database'); } $row=mysql_fetch_array($res); if(mysql_num_rows($res)>0) { $_SESSION['logged_in'] ="loggedin"; $_SESSION['userid']=$row['uid']; $_SESSION['username']=$row['username']; $_SESSION['userlevel']=$row['userlevel']; session_write_close(); header('location:welcome.php'); } else { $_SESSION['logged_in'] = "notloggedin"; $flag=1; } } ?> <script language="javascript"> function valid() { if(document.frm1.txtuname.value=="") { alert('Enter User-ID'); document.frm1.txtuname.focus(); return false; } if(document.frm1.txtpass.value=="") { alert('Enter Password'); document.frm1.txtpass.focus(); return false; } } </script> <!-- CSS --> <link href="style/css/transdmin.css" rel="stylesheet" type="text/css" media="screen" /> <!--[if IE 6]><link rel="stylesheet" type="text/css" media="screen" href="style/css/ie6.css" /><![endif]--> <!--[if IE 7]><link rel="stylesheet" type="text/css" media="screen" href="style/css/ie7.css" /><![endif]--> <!-- JavaScripts--> <script type="text/javascript" src="style/js/jquery.js"></script> <script type="text/javascript" src="style/js/jNice.js"></script> </head> <body> <div id="wrapper"> <!-- h1 tag stays for the logo, you can use the a tag for linking the index page --> <h1><a href="#"><span>Transdmin Light</span></a></h1> <!-- You can name the links with lowercase, they will be transformed to uppercase by CSS, we prefered to name them with uppercase to have the same effect with disabled stylesheet --> <ul id="mainNav"> <li></li> <!-- Use the "active" class for the active menu item --> <li></li> <li></li> <li class="logout"></li> </ul> <!-- // #end mainNav --> <div id="containerHolder"> <div id="container"><!-- // #sidebar --> <!-- h2 stays for breadcrumbs --> <h2>Login »</h2> <div id="main"> <form action="index.php" method="post" name="frm1" id="frm1" onSubmit="return valid();"> <table width="100%" border="0" cellpadding="0" cellspacing="0""> <tr> <td align="left"><table border="0" cellpadding="5" cellspacing="1" width="576"> <tbody> <tr> <td colspan="2" align="center"><br /> Please enter your User Name and password below.<br /></td> </tr> <?php if($flag==1) { ?> <tr> <td width="333" align="center" style="background-color: #F00; text-decoration: underline; color: #FF0;" ><p>Enter Valid User-Name or Password </p></td> </tr> <?php } ?> <tr> <td align="right" >User Name:</td> <td width="344"><input style="background-color: rgb(221, 234, 248);" class="form_text" id="username" name="username" /> <script language="JavaScript" type="text/javascript">document.getElementById('txtuname').focus(); </script></td> </tr> <tr> <td align="right">Password:</td> <td><input class="form_text" id="password" name="password" type="password" /></td> </tr> <tr> <td> </td> <td> <input class="buttons" value="sign me in" name="Submit" type="submit" id="Submit" /> </td> </tr> <tr> <td style="height: 30px;"> </td> <td> </td> </tr> </table> </td> </tr> </tbody> </table> </form> </div> <!-- // #main --> <div class="clear"></div> </div> <!-- // #container --> </div> <!-- // #containerHolder --> <p id="footer"><?php echo $footer ?></p> </div> <!-- // #wrapper --> </body> </html> <?php session_start(); if($_SESSION['logged_in']="loggedin"); else{ header('location:index.php'); } ?> sign out page <?php session_start(); session_unset(); session_destroy(); header('location:index.php'); ?> Hi, I am trying to get the value of a session veriable and if the variable contains a certain word it will show an error message, else just continue as normal. if (isset($_POST['selectroom'])) {$_SESSION['room'] = $_POST['selectroom'];} if (!isset($_SESSION['room'])) $room = "RoomNameA"; else $room = $_SESSION['room']; Please Advise, - Stuart If i use session in my php code then for how much time the session will be valid... And how can i change the length of the session... giving me Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/enriquec/public_html/admincenter.php on line 6 this is my code Code: [Select] <?php require "header.php";?> <?php if ($_SESSION['username']) echo "Welcome, "."$_SESSION['username']."; else die("You must be logged in!"); ?> <?php require "footer.php":?> Why is my SESSION not getting set in the code below?! Code: [Select] <?php // Initialize a session. session_start(); // Initialize Logged-In Status. $_SESSION['loggedIn'] = FALSE; // Display Logged-In Status. echo '<p>$_SESSION[\'loggedIn\'] = ' . $_SESSION['loggedIn'] . '</p>'; exit(); When I run this I get... $_SESSION['loggedIn'] = Debbie Hello I keep having this issue with sessions. I have an login feature on my website that uses sessions. When i do like this: 1. Login 2. close browser 3. open browser again 4. try to log in It fails, actually nothing happens, so I manually need to go to logout.php to reset and then I can log in again. Why is this happening and how do i solve it? |
|||||||