From 497ed3c207f28bf1c78fcb8f958e270f35a729a4 Mon Sep 17 00:00:00 2001
From: Umar <hufarouq01@gmail.com>
Date: Mon, 10 Jan 2022 15:05:05 +0800
Subject: [PATCH] Set session duration to 2 hours

---
 Admin.php          |  1 +
 Course.php         |  1 +
 Courses.php        |  1 +
 Header.php         |  1 -
 IsValidSession.php | 10 ++++++++++
 Script.php         | 10 ++++++++++
 6 files changed, 23 insertions(+), 1 deletion(-)
 create mode 100644 IsValidSession.php

diff --git a/Admin.php b/Admin.php
index f2cbee2..5bd4081 100644
--- a/Admin.php
+++ b/Admin.php
@@ -1,5 +1,6 @@
 <?php
 include 'NoDirectPhpAcess.php';
+include 'IsValidSession.php';
 ?>
 
 <?php
diff --git a/Course.php b/Course.php
index a4b7976..bb340b2 100644
--- a/Course.php
+++ b/Course.php
@@ -1,5 +1,6 @@
 <?php
 include 'NoDirectPhpAcess.php';
+include 'IsValidSession.php';
 ?>
 
 <?php
diff --git a/Courses.php b/Courses.php
index 29b4eee..a40f3d8 100644
--- a/Courses.php
+++ b/Courses.php
@@ -1,5 +1,6 @@
 <?php
 include 'NoDirectPhpAcess.php';
+include 'IsValidSession.php';
 ?>
 
 <?php
diff --git a/Header.php b/Header.php
index a302d24..f8a922d 100644
--- a/Header.php
+++ b/Header.php
@@ -1,5 +1,4 @@
 <?php
-session_start();
 error_reporting(0);
 date_default_timezone_set('Asia/Shanghai');
 
diff --git a/IsValidSession.php b/IsValidSession.php
new file mode 100644
index 0000000..1d164b5
--- /dev/null
+++ b/IsValidSession.php
@@ -0,0 +1,10 @@
+<?php
+    $currentTime = time();
+    if (session_status() == PHP_SESSION_NONE) {
+        session_start();
+     }
+
+    if($_SESSION['expire'] != null && $currentTime > $_SESSION['expire']) {
+        include 'logout.php';
+    }
+?> 
diff --git a/Script.php b/Script.php
index 68c3b3c..af3b588 100644
--- a/Script.php
+++ b/Script.php
@@ -75,6 +75,11 @@ if (!empty($_POST["form_signup"])) {
     $_SESSION['user_email'] = $email;
     $_SESSION['user_student_id'] = $student_id;
 
+    // set session duration
+    $_SESSION['start'] = time();
+    $session_duration = 120;
+    $_SESSION['expire'] = $_SESSION['start'] + ($session_duration * 60);
+
     // check confirmed password
     if (strcasecmp($password, $confirmpassword) != 0) {
         $_SESSION['info_signup'] = "Password confirmation failed.";
@@ -162,6 +167,11 @@ if (!empty($_POST["frm_login"])) {
                 $_SESSION['user_type'] = $row['UserType'];
                 $_SESSION['user_fullname'] = $row['Full_Name'];
 
+                // set session duration
+                $_SESSION['start'] = time();
+                $session_duration = 120;
+                $_SESSION['expire'] = $_SESSION['start'] + ($session_duration * 60);
+
                 if ($_SESSION['user_type'] == "Student") {
                     header("Location: Courses.php");
                 }