.
tell me how to modify in the above code that if the user is entering for first
time then using time() or sessionid it should be stored
or else if he is entering for first time then using current time() or sessionid
it must be stored…
I do not understand the question well but I guess you need a mechanism which will log out the user after specified inactivity time.
To do that lets try:
k in ur code if my username and password matches only then it will be going to next page
here it should be “products.php”(for shopping there will be various items) and tell me how to logout…
<?php
defined("MY_SYSTEM") or die("Direct access to this location is disallowed");
define("LIMIT", 10);
session_start();
function isLoggedIn() {
if( !isset($_SESSION["last_activity"]) || time() - $_SESSION["last_activity"] > LIMIT) {
session_unset();
return FALSE;
}
$_SESSION["last_activity"] = time();
return TRUE;
}
function redirectTo($location) {
header("Location:{$location}");
die();
}
?>
login.php
<?php
define("MY_SYSTEM", "1");
require_once("user.php");
//connect to database
$db = mysql_connect("localhost","db_user", "db_password") or die( mysql_error() );
mysql_select_db("db_name", $db) or die( mysql_error() );
mysql_set_charset("utf8", $db) or die( mysql_error() );
// Logged in so go to the products page
if( isLoggedIn() ) {
redirectTo("products.php");
}
// Try to login
if( isset($_POST["username"]) && isset($_POST["password"]) ) {
$result = mysql_query(
"SELECT DISTINCT * FROM `users` WHERE " .
"`username` = '{$_POST["username"]}' AND " .
// passwords are encrypted by MySQL password function
"`password` = password('{$_POST["password"]}')"
);
if(!$result) die( mysql_error() );
// login successful
if( mysql_num_rows($result) ) {
$_SESSION["last_activity"] = time();
redirectTo("products.php");
}
// login failed
else {
$error = "username and password do not match";
}
}
?>
<form action="<?=$_SERVER['REQUEST_URI']?>" method="POST">
<?php if( isset($error) ): ?>
<p><?=$error?></p>
<?php endif; ?>
<p>
Username:
<input
type="text"
name="username"
value="<?=isset($_POST['username']) ? $_POST['username'] : ''?>"
/>
</p>
<p>
Password:
<input
type="password"
name="password"
value="<?=isset($_POST['password']) ? $_POST['password'] : ''?>"
/>
</p>
<p>
<input type="submit" name="login" value="log in" />
</p>
</form>
products.php
<?php
define("MY_SYSTEM", "1");
require_once("user.php");
if( !isLoggedIn() ) {
redirectTo("login.php");
}
/* Show the rest of page */
?>
<h1>Hello in the products world!</h1>