如果用户在php中闲置,如何注销会话 [英] how to logout session if user idle in php
问题描述
我是php的新手,正在尝试建立一个网站.如果他闲置了一段时间,我想注销用户会话.我在网上搜索,但找不到正确的代码.您如何检查用户是否在php中处于空闲状态?谁能帮我.
I am new to php and am trying to build a website. I would like to logout user session if he is idle for some time. I searched the web but i couldn't find the proper code. How do you check whether user is idle or not in php?. Can anyone help me please.
推荐答案
有几种方法可以做到这一点.这是一对...
There are a few ways to do this. Here are a couple...
-
设置会话的过期时间,以使会话在一定时间后过期,并且不再有效.
set a session expiry time, such that after a certain amount of time, the session expires and is no longer valid.
设置一个时间"标志作为会话数据,并检查其会话是否仍然足够新"以保持它们在每个页面加载中的登录状态.
set a 'time' flag as session data, and check if their session is still 'new enough' to keep them logged in each pageload.
我会选择第二种选择,因为很难在PHP中设置正确的值以使会话安全地到期,以及您希望的方式.使用第二个选项,您要做的就是确保会话在您想要的会话之前不过期 .
I would opt for the second choice, as it can be difficult to set the right values in PHP such that the session expires securely, and the way you want it to. With the second option, all you have to do is make sure the session will not expire before you want it to, which is easier.
选项2的代码示例:
//on pageload
session_start();
$idletime=60;//after 60 seconds the user gets logged out
if (time()-$_SESSION['timestamp']>$idletime){
session_destroy();
session_unset();
}else{
$_SESSION['timestamp']=time();
}
//on session creation
$_SESSION['timestamp']=time();
您的评论解释说,您实际上是希望在客户端上跟踪鼠标事件和其他事物,以确定用户是否空闲.这更复杂.我将给出一个通用的解决方案,然后为优化和改进提供一些建议.
Your comment explains that you'd actually like to keep track of mouse events and other things on the client side to determine if the user is idle. This is more complicated. I will give a general solution, and then offer a couple suggestions for optimizations and improvements.
要完成您描述的内容,您必须跟踪客户端活动(鼠标移动,键盘击键等)并在服务器端处理该信息.
To accomplish what you've described, you must track clientside activity (mouse movements, keyboard strokes etc) and process that information on the server side.
跟踪客户端活动将需要javascript事件处理程序.您应该为每个要计数为非空闲"的动作创建一个事件处理程序,并跟踪(在javascript变量中)它们上次空闲的时间是什么.
Tracking clientside activity will require javascript event handlers. You should create an event handler for every action you want to count as 'not being idle', and keep track (in a javascript variable) of when the last time they've been idle is.
在服务器端处理该信息将需要您使用 ajax 将上次空闲时间发送给服务器.因此,每隔几秒钟,您应该(使用javascript)向服务器发送一个更新,该更新指定用户空闲了多长时间.
Processing that info on the server side will require you to use ajax to send the last time they've been idle to the server. So every few seconds, you should send the server an update (using javascript) which specifies how long the user has been idle.
一些额外的建议:
-
您不应依赖此ajax解决方案作为跟踪用户活动的唯一方法,因为某些用户不会启用JS.因此,您还应该跟踪页面加载时的用户活动.因此,您可能不应将空闲时间设置得太低(至少对于非JS用户而言),因为非JS用户在页面加载发生之前不会向服务器发送任何数据.
You should not rely on this ajax solution as the only way to track user activity, as some users will not have JS enabled. So, you should also track user activity on pageload. Accordingly you should probably not set the idle time too low (at least for non-JS users), as non-JS users will not be sending any data to the server until pageloads occur.
您应该尽可能少地通过Ajax将更新发送给用户有关用户活动的信息,以减少对服务器的需求.为此,只需让javascript跟踪用户何时超时即可.如果到达用户将要超时的位置(例如,大约一分钟左右),请然后然后对服务器执行ping操作.
You should send updates to the server via ajax as infrequently as possible about user activity to decrease demand on the server. To do this, simply have javascript keep track of when the user would time out. If it gets to the point where the user is about to time out (say, in about a minute or so), then and only then ping the server.
这篇关于如果用户在php中闲置,如何注销会话的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
