PHP - Is This The Best Way To Extend The Php Session Time?
Hi all,
I'm trying to increase the server default php session timeout from 1hour to 3hours. I don't have access to my php.ini but can use .htaccess. Is the following the correct way to do this? in the .htaccess add the line: php_value session.gc_maxlifetime 10800 Or would I be better off including the following after every session start() on everypage: Code: [Select] ini_set("session.gc_maxlifetime","10800"); thanks! Similar TutorialsIs it possible to set a certain session to time out after say 2 minutes. I want to lock a person from seeing a page for 2 minutes then destroy the session yet keep the primary session and still keep dpoing what they were doing? Just curious. Thanks, how can i set a session to expire after a set amount of time, say 1 hour. i'm using the following code to create my session, but i dont know what i need to add to make it expire $_SESSION['pageviewsid'.$id] = $new; $new is the result from a calculation and $id is the page id from the URL using $_GET Hello guys, I am new to PHP. I need some help. I am trying to build a web app, in which I have login functionality. I want to keep the logged in user session active for around 3-4 months. But in my case as soon as I close the browser, session data is lost and I need to login again. Can anyone help me with this. Hello everyone, I've searched these forums for a while now trying to resolve a problem that I have with my sessions timing out before I would like them to, but I've only gotten confused about it. I've read about changing some settings or adding code in my php.ini file but I have no idea what I'm doing when it comes to that. I'm starting the session simply by having session_start(); at the top of each of my pages. I'm including a copy of my entire php.ini file here so that you can see what I have already. Can someone please help me to figure out what I would need to do to make my sessions last at least 8 hours? Thanks in advance. Here's my php.ini file: Code: [Select] register_globals = off allow_url_fopen = off expose_php = Off max_input_time = 60 variables_order = "EGPCS" extension_dir = ./ upload_tmp_dir = /tmp precision = 12 SMTP = relay-hosting.secureserver.net url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldset=" ; Only uncomment zend optimizer lines if your application requires Zend Optimizer support ;[Zend] ;zend_optimizer.optimization_level=15 ;zend_extension_manager.optimizer=/usr/local/Zend/lib/Optimizer-3.3.3 ;zend_extension_manager.optimizer_ts=/usr/local/Zend/lib/Optimizer_TS-3.3.3 ;zend_extension=/usr/local/Zend/lib/Optimizer-3.3.3/ZendExtensionManager.so ;zend_extension_ts=/usr/local/Zend/lib/Optimizer_TS-3.3.3/ZendExtensionManager_TS.so ; -- Be very careful to not to disable a function which might be needed! ; -- Uncomment the following lines to increase the security of your PHP site. ;disable_functions = "highlight_file,ini_alter,ini_restore,openlog,passthru, ; phpinfo, exec, system, dl, fsockopen, set_time_limit, ; popen, proc_open, proc_nice,shell_exec,show_source,symlink" Hi I am developing a e-commerce website. The user logs in and buy a product when he checkout the page will redirect to the payment gateway. After the payment is completed it will return back to my website. This is ok. But when it is returning back the session maintained in my website get lost. This happen only for the first time. If the user again logged in and checkout the process works good and the session is maintaining. Why does the session lost for first time. I used session_start() in all the pages.. I cannot find the solutions. Kindly help.. Regards P.Balakrishnan As my title said the question, i want to destroy my session after a particular time if user is being ideal.. currently i am using this code to define my session: Code: [Select] session_start(); // Check, if username session is NOT set then this page will jump to login page if (!isset($_SESSION['myusername'])) { header('Location: admin.php'); } I have the following session timeout code which should redirect users of a website to a page (session_expired.php) which prints out a message telling the user that his session has expired. I include this code at the top of every page in the website, that requires user authentication. Code: [Select] <?php //address error handling ini_set ('display_errors', 1); error_reporting (E_ALL & ~E_NOTICE); if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 1800)) { // last request was more than 30 minates ago session_destroy(); // destroy session data in storage session_unset(); // unset $_SESSION variable for the runtime header("location: session_expired.php"); } $_SESSION['LAST_ACTIVITY'] = time(); // update last activity time stamp ?> The session_expired.php page which I will include below, has a login link, which takes the user to a login page (access_denied.php) Code: [Select] <?php //address error handling ini_set ('display_errors', 1); error_reporting (E_ALL & ~E_NOTICE); //Set the page title before the header file $title = 'Session Expired'; require ('header.php'); //need the header ?> <div id="content" class=""> <div id="left_content" class=""> </div> <!--closes left content--> <div id="right_content" class=""> <div id= "right_content_inner_border"> <h5 style ="position:relative;left:660px;top:1px;"> <a style="text-decoration:none" href="access_denied.php">[Login]</a> </h5> <h3 style ="position:relative;left:110px;top:100px; font-color:blue;"> You Session Expired Due to Inactivity! </h3> </div> <!--closes right content inner border--> </div> <!--closes right content--> </div> <!--closes content--> <?php require ('footer.php'); //need the footer ?> Now here lies the problem. When i set the session timeout to say 60 seconds to test the code, everything seems to work perfectly. The authenticated page gets redirected to session_expired.php after 1 minute and when the user clicks on the login link, he is taken back to the login page(access_denied.php). However, when I replace the time with 1800 seconds, the page notice that when I leave the page idle for JUST about 5 minutes, it gets redirected NOT even to the expected session_expired.php page but strangely, directly to the login page(access_denied.php). What could be going wrong here? Any hint is appreciated. I am new to OOP php programming and I am trying to figure out what I did wrong on this. I am trying to call my protection() function in my users class, so I extended my question class and call the protection function but it isn't working. Here is my code for my class_lib: Code: [Select] <?php require('dbc.php'); class users { public $email; public $password; public $first_name; public $last_name; public $id; function __construct($e,$p) { $this->email = $e; $this->password = $p; } function protection() { if(!$_COOKIE['user']) { header("location:../login.php"); } } } //new class class questions extends users { public $title; public $question; public $response; public $sub_category; public $date; public $pid; function __construct(){} function newest() { $sql = "SELECT * FROM math ORDER by pid DESC LIMIT 0,5"; $execute = mysql_query($sql) or die(mysql_error()); while($data = mysql_fetch_array($execute) ) { $this->title = $data['title']; $this->question = $data['question']; $this->pid = $data['pid']; echo '<p class="title">' . $this->title . '<br /></p>'; echo ' <br /><br /><br /><br /><a href="questions.php?id=' . $this->pid . '" class="button">Awnser it</a><br /><br /><br />'; } } } ?> Here is the page to call the function: Code: [Select] <?php require('../class_lib.php'); $question = new questions(); $question -> protection(); ?> Hi, I'm having an image upload function I did create for few weeks ago - it has an variable called $newname, which contains the path and file. I'm then using the imageupload() function in another function called EditFrontPage(), which is used to 'update' some content. If I update the image, it runs the imageupload function, which is great, it resize and optimize the image, and it moves it to the folder I specified. What I then want, is within' my EditFrontPage() function, is to echo out the $newname variable from the imageUpload function. is there a way to do this? in a smart way? If my code is needed, you can take a look at it he http://codepad.org/poKNSU5H Thank you a lot guys! hey guys i have a script ive made which loads classes automatically when called...the script works fine but when i extend the class Autoloader_Exception and it comes back with the error Code: [Select] Fatal error: Class 'Autoloader_Exception' not found in C:\www\library\autoloader.class.php on line 3 i might be missing something here but i dont know why the autoloader doesnt load the extended class if someone can please help me how i can extend the class please thanks Code: [Select] <?php class Autoloader extends Autoloader_Exception { protected static $_declared_classes = array(); public static function load_class($class_name) { $class_name = ucwords($class_name); $file = self::get_class_path($class_name); try { if (!class_exists($class_name, FALSE)) { if (file_exists($file)) { require_once $file; self::$_declared_classes[] = $class_name; } else { throw new Exception(sprintf("Class '%s' not found.<br />\n", $class_name)); } } } catch (Exception $e) { echo $e->getMessage(); } } protected static function get_class_path($class_name) { global $classes; if (array_key_exists($class_name, $classes)) { return ROOT . DS . $classes[$class_name]; } } public static function declared_classes() { echo "<pre>"; print_r(self::$_declared_classes); echo "</pre>"; } } spl_autoload_register(array('Autoloader', 'load_class')); ?> I am having trouble resolving an error. Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/s519970/public_html/header.php:27) in /home/s519970/public_html/admin/login.php on line 2 What I can gather is I can't use "header (Location: 'admin.php')" after i've used session_start(). I have tried to replace the header (Location: 'admin.php') with this: echo "<script>document.location.href='admin.php'</script>"; echo "<script>'Content-type: application/octet-stream'</script>"; I've been trying to read up on solutions but haven't been able to get it sorted. If anyone can offer some advice that would be greatly appreciated as im new to php. Code: [Select] <?php session_start(); if(isset($_SESSION['user'])) echo "<script>document.location.href='admin.php'</script>"; echo "<script>'Content-type: application/octet-stream'</script>"; ?> <div id="loginform"> <form action="dologin.php" method="post"> <table> <tr> <td><span>Username:</span></td> <td><input type="text" name="username" /></td> </tr> <tr> <td><span>Password:</span></td> <td><input type="password" name="password" /></td> </tr> <tr> <td colspan="2" align="right"><input type="submit" name="login" value="Login" /></td> </tr> </table> </form> </div> I have tried using require_once('yourpage.php'); before my <head></head> tags in the header document where I've specified the html information but this doesn't seem to work. I've been advised to use ob_start("ob_gzhandler"); but I am not sure how to implement this. Any advice is greatly appreciated! I am trying to create an index page which contains registration and login field the problem that i get is on successful login a warning is displayed session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at C:\xampp\htdocs\Eventz.com\index.php:116) in C:\xampp\htdocs\Eventz.com\index.php on line 235 This is the login part of my index.php this tag is inside an html table below the login form I also have a registration form and its php code above the login form Code: [Select] <?php if (isset($_REQUEST['pass'])) { $id=$_POST['id']; $pass=$_POST['pass']; $conn =mysql_connect("localhost","root",""); if (!$conn) { die('Could not connect: ' . mysql_error()); } /* checking connection....success! */ $e=mysql_select_db('test', $conn); if(!$e) { die(''.mysql_error()); } else { echo 'database selected successfully'; } if (isset($_REQUEST['id']) || (isset($_REQUEST['pass']))) { if($_REQUEST['id'] == "" || $_REQUEST['pass']=="") { echo "login fields cannot be empty"; } else { $sql=mysql_query("Select email,password from login where email='$id' AND password='$pass'"); $count=mysql_num_rows($sql); if($count==1) /* $count checks if username and password are in same row */ { session_start(); $_SESSION['id']=$id; echo "</br>Login Successful</br>"; } else { echo "</br>invalid</br>"; echo "please try to login again</br>"; } } } } ?> Any help or suggestion would be appreciated in this page http://maximaart.com/newscp/ i have this problem Code: [Select] Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/maximasy/public_html/newscp/index.php:1) in /home/maximasy/public_html/newscp/index.php on line 2 my source code is <?php session_start(); include_once("config.php"); include_once("functions.php"); $errorMessage = ''; if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) { if ($_POST['txtUserId'] === "$user" && $_POST['txtPassword'] === "$pass") { // the user id and password match, $_SESSION['basic_is_logged_in'] = true; require("main.php"); exit;?> hi everyone. i'm wondering what the best way is to create a session variable and pass it to an iframe. i need to do something along these lines, but it doesn't seem to pass the ID. Any hints on how i should accomplish this? Code: [Select] session_start(); $_SESSION['ID']=$_GET['ID']; // id from previous page $ID=session_id(); <iframe src="iframepage.php?ID=<?php echo $ID; ?>" style="width:680px; height:200px;" noresize="noresize" frameborder="0" border="0" scrolling="Yes" allowtransparency="true" /> </iframe> I'm making a simple login system with MySQL and PHP (very simple, I'm just starting with PHP). The MySQL portion is done, but I need to ensure only people who are logged in can see certain content. To check if people are logged in, my website checks that they have the $_SESSION['user'] variable set. If it is set, then it lets them continue through the website, if not, it tells them to login. Is that enough security, or can people simply inject a session cookie into their browser to spoof that they are logged in? My idea was to generate a session key cookie when they login (just a random string of letters and numbers) and store that in the database, then on every page, check to make sure their session key is the same thing that's in the database. Is this necessary? It seems expensive. PHP date and time function is not showing correct time on my local system I have the following php code date_default_timezone_set("Africa/Lagos"); $date = date('d-m-y h:i:s'); echo "Server Time ".$date ."<br>"; echo "The time is " . date("h:i:sa")."<br>"; $current_datetime = date("Y-m-d") . ' ' . date("H:i:s", STRTOTIME(date('h:i:sa'))); echo "Current time1: ".$current_datetime . "<br>";
Output
Server Time 21-05-21 09:55:39
Expected Output
Server Time 21-05-21 10:55:39
Any help would be appreciated. Edited May 21 by Ponel Basically I have recently been playing around with parsing a csv file. What I am looking to do at this point is simply take the date/timestamp (part of the csv file), which is in the following format:DD/MM HH:MM:SS.100th/s For the sake of argument, lets say I have this in an array string called $csv[0] and the file has several lines that span the course of a couple hours. I wouldn't mind having to use explode() to breakup/remove the date or 100th/s IF that would make things a lot simpler. So where would I start in trying to achieve this?. The result I am looking for will simply return "X Seconds". Storing this in a string variable would be a bonus, as I plan to use this to divide a separate piece of information. Any examples or ideas would be great. Thank you. ps: Here is an example time from the csv file itself: Code: [Select] 11/19 22:23:18.143 I am trying to simulate an ad expiration and carry out an action if the ad is expired. And I cannot get the if/else to work properly... I've tried many variations and I cannot see what I am doing wrong here. Any tips please 3 hours and counting of no solution! $ad_start = time()-14 . "<br />"; // 14 days from today in the past (negative) echo $ad_start; $current_time = time() . "<br />"; // current epoch time echo $current_time; $days_past = $ad_start - $current_time; // days past echo "<br />$days_past days have past since the ad started!<br />"; if($days_past <= 14) { echo "<br />Ad is less than 14 days. Not expired."; } else { echo "<br />Ad is over 14 days. Expired."; } Evening! I've been iffing and ahhing over this and well im not too sure, hence the post. Code: [Select] // Redirects if there is no session id selected and echos the error on the previous page if(!isset($_GET['get']) || ($_GET['getget'])){ header("Location: #.php?error"); } So it should simply check if get is set if it isnt then see if getget is set? If not redirect and show the error. Now ive tried it and even when get/getget is set it still redirects, probably something silly. Care to share anyone? Harry. Just curious how other people feel about this. I am working on an application where a lot of info is pulled from MySQL and needed on multiple pages.
Would it make more sense to...
1. Pull all data ONCE and store it in SESSION variables to use on other pages
2. Pull the data from the database on each new page that needs it
I assume the preferred method is #1, but maybe there is some downside to using SESSION variables "too much"?
Side question that's kind of related: As far as URLs, is it preferable to have data stored in them (i.e. domain.com/somepage.php?somedata=something&otherdata=thisdata) or use SESSION variables to store that data so the URLs can stay general/clean (i.e. domain.com/somepage.php)?
Both are probably loaded questions but any possible insight would be appreciated.
Thanks!
Greg
Edited by galvin, 04 November 2014 - 10:30 AM. |