Set session duration to 2 hours

2022-01-10 15:05:05 +08:00
6 changed files with 23 additions and 1 deletions
--- a/Admin.php
+++ b/Admin.php
@ -1,5 +1,6 @@
 <?php
 include 'NoDirectPhpAcess.php';
+include 'IsValidSession.php';
 ?>

 <?php
--- a/Course.php
+++ b/Course.php
@ -1,5 +1,6 @@
 <?php
 include 'NoDirectPhpAcess.php';
+include 'IsValidSession.php';
 ?>

 <?php
--- a/Courses.php
+++ b/Courses.php
@ -1,5 +1,6 @@
 <?php
 include 'NoDirectPhpAcess.php';
+include 'IsValidSession.php';
 ?>

 <?php
--- a/Header.php
+++ b/Header.php
@ -1,5 +1,4 @@
 <?php
-session_start();
 error_reporting(0);
 date_default_timezone_set('Asia/Shanghai');

--- a/IsValidSession.php
+++ b/IsValidSession.php
@ -0,0 +1,10 @@
+<?php
+    $currentTime = time();
+    if (session_status() == PHP_SESSION_NONE) {
+        session_start();
+     }
+
+    if($_SESSION['expire'] != null && $currentTime > $_SESSION['expire']) {
+        include 'logout.php';
+    }
+?> 
--- a/Script.php
+++ b/Script.php
@ -75,6 +75,11 @@ if (!empty($_POST["form_signup"])) {
    $_SESSION['user_email'] = $email;
    $_SESSION['user_student_id'] = $student_id;

+    // set session duration
+    $_SESSION['start'] = time();
+    $session_duration = 120;
+    $_SESSION['expire'] = $_SESSION['start'] + ($session_duration * 60);
+
    // check confirmed password
    if (strcasecmp($password, $confirmpassword) != 0) {
        $_SESSION['info_signup'] = "Password confirmation failed.";
@ -162,6 +167,11 @@ if (!empty($_POST["frm_login"])) {
                $_SESSION['user_type'] = $row['UserType'];
                $_SESSION['user_fullname'] = $row['Full_Name'];

+                // set session duration
+                $_SESSION['start'] = time();
+                $session_duration = 120;
+                $_SESSION['expire'] = $_SESSION['start'] + ($session_duration * 60);
+
                if ($_SESSION['user_type'] == "Student") {
                    header("Location: Courses.php");
                }