[Tut] PHP Session Destroy after 30 Minutes - Printable Version +- Sick Gaming (https://www.sickgaming.net) +-- Forum: Programming (https://www.sickgaming.net/forum-76.html) +--- Forum: PHP Development (https://www.sickgaming.net/forum-82.html) +--- Thread: [Tut] PHP Session Destroy after 30 Minutes (/thread-99918.html) |
[Tut] PHP Session Destroy after 30 Minutes - xSicKxBot - 09-08-2022 PHP Session Destroy after 30 Minutes <div style="margin: 5px 5% 10px 5%;"><img src="https://www.sickgaming.net/blog/wp-content/uploads/2022/09/php-session-destroy-after-30-minutes.jpg" width="550" height="147" title="" alt="" /></div><div><div class="modified-on" readability="7.1489361702128"> by <a href="https://phppot.com/about/">Vincy</a>. Last modified on September 6th, 2022.</div> <p>PHP has a core function session_destroy() to clear all the session values. It is a simple no-argument function that returns a boolean true or false.</p> <p>The PHP session ID is stored in a cookie by default. Generally that session cookie file is name PHPSESSID. The session_destroy function will not <a href="https://phppot.com/php/php-session-time-set-unset/">unset the session</a> id in the cookie.</p> <p>To destroy the session ‘completely’, the session ID must also be unset.</p> <p>This quick example uses session_destroy() to destroy the session. It uses the set_cookie() method to kill the entirety by expiring the PHP session ID.</p> <div class="post-section-highlight" readability="43"> <h2>Quick example</h2> <p class="code-heading">destroy-session.php</p> <pre class="prettyprint"><code class="language-php"><?php // Always remember to initialize the session, // even before attempting to destroy it. // Destroy all the session variables. $_SESSION = array(); // delete the session cookie also to destroy the session if (ini_get("session.use_cookies")) { $cookieParam = session_get_cookie_params(); setcookie(session_name(), '', time() - 42000, $cookieParam["path"], $cookieParam["domain"], $cookieParam["secure"], $cookieParam["httponly"]); } // as a last step, destroy the session. session_destroy(); </code></pre> </div> <p><strong>Note:</strong></p> <ol> <li>Use session_start() to reinitiate the session after the <a href="https://www.php.net/manual/en/function.session-destroy.php" target="_blank" rel="noopener">PHP session destroy</a>.</li> <li>Use PHP $_SESSION to <a href="https://phppot.com/php/php-unlink-vs-unset/">unset</a> a particular session variable. For an older PHP version, use session_unset().</li> </ol> <p><img loading="lazy" class="alignnone size-large wp-image-19323" src="https://phppot.com/wp-content/uploads/2022/09/php-session-destroy-output-550x147.jpg" alt="php session destroy output" width="550" height="147" srcset="https://phppot.com/wp-content/uploads/2022/09/php-session-destroy-output-550x147.jpg 550w, https://phppot.com/wp-content/uploads/2022/09/php-session-destroy-output-300x80.jpg 300w, https://phppot.com/wp-content/uploads/2022/09/php-session-destroy-output-768x206.jpg 768w, https://phppot.com/wp-content/uploads/2022/09/php-session-destroy-output.jpg 1000w" sizes="(max-width: 550px) 100vw, 550px"></p> <h2>About this login session_destroy() example</h2> <p>Let’s create a <a href="https://phppot.com/php/php-login-script-with-session/">login example code to use PHP session</a>, session_destroy and all. It allows users to login and logout from the current session. Use this code if you are looking for a complete <a href="https://phppot.com/php/user-registration-in-php-with-login-form-with-mysql-and-code-download/">user registration and login in PHP script</a>.</p> <p>This example provides an automatic login session expiry feature.</p> <h2>Landing page with a login form</h2> <p>This form posts the username and the password entered by the user. It verifies the login credentials in PHP.</p> <p>On successful login, it stores the logged-in state into a <a href="https://phppot.com/php/session-vs-cookies/">PHP session</a>. It sets the expiry time to 30 minutes from the last login time.</p> <p>It stores the last login time and the expiry time into the PHP session. These two session variables are used to expire the session automatically.</p> <p class="code-heading">login.php</p> <pre class="prettyprint"><code class="language-php-template"><?php session_start(); $expirtyMinutes = 1; ?> <html> <head> <title>PHP Session Destroy after 30 Minutes</title> <link rel='stylesheet' href='style.css' type='text/css' /> <link rel='stylesheet' href='form.css' type='text/css' /> </head> <body> <div class="phppot-container"> <h1>Login</h1> <form name="login-form" method="post"> <table> <tr> <td>Username</td> <td><input type="text" name="username"></td> </tr> <tr> <td>Password</td> <td><input type="password" name="password"></td> </tr> <tr> <td><input type="submit" value="Sign in" name="submit"></td> </tr> </table> </form> <?php if (isset($_POST['submit'])) { $usernameRef = "admin"; $passwordRef = "test"; $username = $_POST['username']; $password = $_POST['password']; // here in this example code focus is session destroy / expiry only // refer for registration and login code https://phppot.com/php/user-registration-in-php-with-login-form-with-mysql-and-code-download/ if ($usernameRef == $username && $passwordRef == $password) { $_SESSION['login-user'] = $username; // login time is stored as reference $_SESSION['ref-time'] = time(); // Storing the logged in time. // Expiring session in 30 minutes from the login time. // See this is 30 minutes from login time. It is not 'last active time'. // If you want to expire after last active time, then this time needs // to be updated after every use of the system. // you can adjust $expirtyMinutes as per your need // for testing this code, change it to 1, so that the session // will expire in one minute // set the expiry time and $_SESSION['expiry-time'] = time() + ($expirtyMinutes * 60); // redirect to home // do not include home page, it should be a redirect header('Location: home.php'); } else { echo "Wrong username or password. Try again!"; } } ?> </div> </body> </html> </code></pre> <p><img loading="lazy" class="alignnone size-large wp-image-19324" src="https://phppot.com/wp-content/uploads/2022/09/login-550x216.jpg" alt="login" width="550" height="216" srcset="https://phppot.com/wp-content/uploads/2022/09/login-550x216.jpg 550w, https://phppot.com/wp-content/uploads/2022/09/login-300x118.jpg 300w, https://phppot.com/wp-content/uploads/2022/09/login-768x301.jpg 768w, https://phppot.com/wp-content/uploads/2022/09/login.jpg 1000w" sizes="(max-width: 550px) 100vw, 550px"></p> <h2>Dashboard validates PHP login session and displays login, and logout links</h2> <p>This is the target page redirected after login. It shows the logout link if the logged-in session exists.</p> <p>Once <a href="https://phppot.com/php/user-login-session-timeout-logout-in-php/">timeout</a>, it calls the destroy-session.php code to destroy all the sessions.</p> <p>If the 30 minutes expiry time is reached or the session is empty, it asks the user to log in.</p> <p class="code-heading">home.php</p> <pre class="prettyprint"><code class="language-php-template"><?php session_start(); ?> <html> <head> <title>PHP Session Destroy after 30 Minutes</title> <link rel='stylesheet' href='style.css' type='text/css' /> <link rel='stylesheet' href='form.css' type='text/css' /> </head> <body> <div class="phppot-container"> <?php if (! isset($_SESSION['login-user'])) { echo "Login again!<br><br>"; echo "<a href='login.php'>Login</a>"; } else { $currentTime = time(); if ($currentTime > $_SESSION['expiry-time']) { require_once __DIR__ . '/destroy-session.php'; echo "Session expired!<br><br><a href='login.php'>Login</a>"; } else { ?> <h1>Welcome <?php echo $_SESSION['login-user'];?>!</h1> <a href='logout.php'>Log out</a> <?php } } ?> </div> </body> </html> </code></pre> <p>This PHP code is used for users who want to log out before the session expiry time.</p> <p>It destroys the session by requiring the destroy-session.php code. Then, it <a href="https://phppot.com/php/php-redirect/">redirects the user</a> to the login page.</p> <p class="code-heading">logout.php</p> <pre class="prettyprint"><code class="language-php"><?php session_start(); require_once __DIR__ . '/destroy-session.php'; header('Location: login.php'); ?> </code></pre> <p>I hope this example helps to understand how to destroy PHP sessions. And also, this is a perfect scenario that is suitable for explaining the need of destroying the session.<br /><a class="download" href="https://phppot.com/downloads/php/php-session-destroy.zip">Download</a></p> <p> <!-- #comments --> </p> <div class="related-articles"> <h2>Popular Articles</h2> </p></div> <p> <a href="https://phppot.com/php/php-session-destroy/#top" class="top">↑ Back to Top</a> </p> </div> https://www.sickgaming.net/blog/2022/09/06/php-session-destroy-after-30-minutes/ |