7 replies to this topic

[newphpcoder]

Good day!

i have simpe login page with logout..

But, I need to have a syntax for autologout when the browser is closed and when he open again the login page he need to login again..

How can it possible?

Here is my login code:

  <?php

include 'config.php';

  

  session_start();


  

  if (isset($_POST['submit'])) {

    $username=$_POST['username']; 

    $password=($_POST['password']);

    

     $sql = "SELECT username, password FROM paylogin WHERE username='$username' AND password='$password'";

     $rs = $conn2->Execute($sql);

     

     if($rs==1){  

        $_SESSION['logged_in'] = true;

        header("location:index.php");

    }

    else {

    echo "<center>";

    echo "Wrong Username or Password";

    echo "</center>";

    }

  }

?>

and logout page

<?php 

session_start();

session_destroy();


header ("Location: login.php");

?>

Thank you

[WingedPanther]

You could try an AJAX call for onclose, but you should really make sure you have a reasonable session timeout.

[Vaielab]

Or do a ajax call each 60secondes, and if you don't receive the call for 2minutes, you destroy the session

[SoN9ne]

Or just use ini.session.cookie-lifetime.

Add this to your session object

ini_set( "session.cookie_lifetime", "0" ); // 0 means "until the browser is closed

Using other methods can cause unexpected results.
You need to take into account users with multiple tabs/widows open to your site.
Using an AJAX call could work but each tab would be making it's own request and this just seems inefficient IMHO.
You could use the onunload event attribute in the body tag but this couls have unexpected results for users with more than one window/tab open.
One method could be to use onload and onunload. Have the onload increment the number of windows the user has open (each onload would add 1 to a window count) then use onunload to decrement the window count. Then when you hit zero force logout... To me this is way too much work when ini.session.cookie-lifetime has always worked perfect for me.

[Vaielab]

SoN9ne said:

Or just use ini.session.cookie-lifetime.

Add this to your session object

ini_set( "session.cookie_lifetime", "0" ); // 0 means "until the browser is closed

...

This will work if the browser close, not if the tab close

[newphpcoder]

What if when the tab is close? I want the user still login.. when he open again the webpage?

Thank you..


Right now I only have this code:

<?php

  include 'config.php';

  

  session_start();

  

  //if (isset($_SESSION['logged_in'])) {

   //  header('Location:index.php');

  //   die();

 // }

  

  if (isset($_POST['submit'])) {

    $username=$_POST['username']; 

    $password=($_POST['password']);

    

     $sql = "SELECT username, password FROM pay_login WHERE username='$username' AND password='$password'";

     $rs = $conn2->Execute($sql);

     

     if($rs==1){  

        $_SESSION['logged_in'] = true;

        header("location:index.php");

    }

    else {

    echo "<center>";

    echo "Wrong Username or Password";

    echo "</center>";

    }

  }


$smarty->display('login.tpl');

  

?>

logout.php

<?php 

session_start();

session_destroy();

/*session_start();

 if (!isset($_SESSION['EXPIRES']) || $_SESSION['EXPIRES'] < time()+3600) 

 {   

   session_destroy();   

   $_SESSION = array();

 }

 $_SESSION['EXPIRES'] = time() + 3600;*/ 


header ("Location: login.php");

?>

in this code when I close the browser and I open again the webpage, I need to login again..which is correct right?

How about if i only close the tab??

Thank you

[bbqroast]

The method of setting the lifetime to zero (when the browser closes) is probably best.

[newphpcoder]

How???

Thank you