Hi i recently create a login system but i encounter one problem about session.

i want to do inactivity logout for 30 minutes. But the user can stay on forever if he keep active.

At first, i think set sess_expiration for 30min in config file will do the job. But i am wrong.

Is there anyway i can update that sess_expiration var?

Please help me how should i code it?

Thanks a lot

The expiration clock only starts to tick after the last activity on the session, and resets on every acivity (code from the session library):

Maybe you could store the login time in the session and destroy the session in the code after the preferred ammount of time?

Haloperidol - 03 July 2009 08:11 PM

The expiration clock only starts to tick after the last activity on the session, and resets on every acivity (code from the session library):

if (($session['last_activity'] + $this->sess_expiration) < $this->now)
{
   $this->sess_destroy();
   return FALSE;
}

Maybe you could store the login time in the session and destroy the session in the code after the preferred ammount of time?

Thanks for reply.

i am confused. As you mention, “The expiration clock only starts to tick after the last activity on the session”. It actually doing what i want. Destory the session after inactivity for “sess_expiration” time? And the user can stay online forever if he active within “sess_expiration” time??

Thanks

helphelp - 04 July 2009 02:55 PM

Haloperidol - 03 July 2009 08:11 PM

The expiration clock only starts to tick after the last activity on the session, and resets on every acivity (code from the session library):

if (($session['last_activity'] + $this->sess_expiration) < $this->now)
{
   $this->sess_destroy();
   return FALSE;
}

Maybe you could store the login time in the session and destroy the session in the code after the preferred ammount of time?

Thanks for reply.

i am confused. As you mention, “The expiration clock only starts to tick after the last activity on the session”. It actually doing what i want. Destory the session after inactivity for “sess_expiration” time? And the user can stay online forever if he active within “sess_expiration” time??

Thanks

Yes thats right, the session will not be destroyed if the user is active. I only advised to store the login time in a variable because i thought you want to force the user to logout even if he was active.

hello people,
I’m new to CI. Well I’m just creating a login page for Administrator. I just want to create a session when the record is found in database….So please help me

Thanx