Hi,
You have to make the code yourself,
After session_start you should check the session for some
variable you use to check if the user is logged in
eg:
<?php
session_start();
if( !isset($_SESSION['logged_in']) || $_SESSION['logged_in'] == 0) {
//u'r busted go to login
} else {
//u'r the good guy, come in
}
?>
C.
"Jake McHenry" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
How can I make my site auto log out a user like I've seen on many sites?
Right now, the users session never expires unless manually logging out or
the browser is closed. Also, should I change anything to cover any security
issues? I havn't changed much from the default, only enough to get it
running for my site.
Here is what I have in my php.ini file:
[Session]
session.save_handler = files
session.save_path = /var/www/sessions
session.use_cookies = 1
session.name = NittanyTravelSessionCookie
session.auto_start = 0
session.cookie_lifetime = 0
session.cookie_path = /
session.cookie_domain =
session.serialize_handler = php
session.gc_probability = 1
session.gc_maxlifetime = 1440
session.referer_check =
session.entropy_length = 0
session.entropy_file =
;session.entropy_length = 16
;session.entropy_file = /dev/urandom
session.cache_limiter = nocache
session.cache_expire = 180
session.use_trans_sid = 1
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Thanks,
Jake
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
