Redirecting to specific page on session timeout

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
mavinint
Forum Newbie
Posts: 2
Joined: Tue Feb 14, 2006 5:44 pm

Redirecting to specific page on session timeout

Post by mavinint »

Hi

I wanted to ask if it is at all possible to redirect a user to a specific page once their session has timed out. I can't find anything out there that does this.

Thanks in advance

Danny
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Are you talking about redirecting after a user invokes a page after session timeout? Or are you asking for a dynamic page that redirects as soon as the session times out?
mavinint
Forum Newbie
Posts: 2
Joined: Tue Feb 14, 2006 5:44 pm

Post by mavinint »

I mean when a user invokes a page after the session timeout
josh
DevNet Master
Posts: 4872
Joined: Wed Feb 11, 2004 3:23 pm
Location: Palm beach, Florida

Post by josh »

It is impossible to tell if its just the user's first time or if they had a session that is now expired. You will need to write your own session handling functions and keep the session data forever so you can verify that the session has timed out or if it doesn't exist yet. Well maybe not forever but longer then the normal functions stay on the filesystem
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

I'm sure there are various ways of doing this, but what I have done in the past is set a session var at some point and check for that var throughout the site. PHP defaults session garbage collection dumps to 20 minutes (1800 seconds actually) so it will automatically destroy the session if there has been no session activity within that time frame. So what I have done in the past is set a session var and check for it at the beginning of the script. If it is set, then the session is still in effect. If it is not set, then the session is dead. Within each check have the script do whatever you want it to. This is a really basic process example. Post back if you need more direction.
josh
DevNet Master
Posts: 4872
Joined: Wed Feb 11, 2004 3:23 pm
Location: Palm beach, Florida

Post by josh »

Everah, that is the method I would recommend but it sounds like he needs to tell apart the first time visitors from the session timed out ones (meaning if it is my first time to the site I would not see the "your session has timed out" page). Yet another way to do this would be to set a cookie along with the session, if that cookie exists but Everah's session value does not then they have timed out (if the cookie doesn't exist its just their first time to the site), this relies on the client having cookies enabled, etc... so its not a solid method but should get the job done
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Excellent point jshpro2. mavinint, are you using this session check, redirect methodology throughout the site, or only in areas that require a log in? If you are setting the session start timing to a login event then you are in the clear. Checking session timing on first page load will get tricky, especially if the user doesn't accept cookies.

Without relying on cookies the only thing you can rely on is something stored in a database, but that would require a process to hit the DB before making a decision on what to do if this is a first time visit or a return, timed out visit.
Post Reply