php/mysql auto logout after 2 hour and reset password
Posted on
16th Feb 2014 07:03 pm by
admin
Hi all,
This I hope will make sense. I've the following code which when a user logins in, creates a session:
if (isset($_POST['submitted'])) { // Check if the form has been submitted.
require_once ('mysql_connect.php'); // Connect to the database.
// Validate the email address.
if (!empty($_POST['email'])) {
$e = escape_data($_POST['email']);
} else {
echo '<p class="error">You forgot to enter your email address!</p>';
$e = FALSE;
}
// Validate the password.
if (!empty($_POST['pass'])) {
$p = escape_data($_POST['pass']);
} else {
$p = FALSE;
echo '<p class="error">You forgot to enter your password!</p>';
}
if ($e && $p) { // If everything's OK.
// Query the database.
$query = "SELECT user_id, first_name, account_id FROM users WHERE (email='$e' AND pass=SHA('$p')) AND active IS NULL";
$result = mysql_query ($query) or trigger_error("Query: $queryn<br />MySQL Error: " . mysql_error());
if (@mysql_num_rows($result) == 1) { // A match was made.
// Register the values & redirect.
$row = mysql_fetch_array ($result, MYSQL_NUM);
mysql_free_result($result);
mysql_close(); // Close the database connection.
$_SESSION['user_id'] = $row[0];
$_SESSION['first_name'] = $row[1];
$_SESSION['account_id'] = $row[2];
// Start defining the URL.
$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
// Check for a trailing slash.
if ((substr($url, -1) == '/') OR (substr($url, -1) == '\') ) {
$url = substr ($url, 0, -1); // Chop off the slash.
}
// Add the page.
$url .= '/index.php';
ob_end_clean(); // Delete the buffer.
header("Location: $url");
exit(); // Quit the script.
} else { // No match was made.
echo '<p class="error">Either the email address and password entered do not match those on file or you have not yet activated your account.</p>';
}
} else { // If everything wasn't OK.
echo '<p class="error">Please try again.</p>';
}
mysql_close(); // Close the database connection.
} // End of SUBMIT conditional.
?>
<h1>Login</h1>
<p class="maintext">Your browser must allow cookies in order to log in.</p>
<form action="login.php" method="post">
<fieldset>
<p class="maintext"><b>Email Address:</b> <input type="text" name="email" size="20" maxlength="40" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" /></p>
<p class="maintext"><b>Password:</b> <input type="password" name="pass" size="20" maxlength="20" /></p>
<div align="center"><input type="submit" name="submit" value="Login" /></div>
<input type="hidden" name="submitted" value="TRUE" />
</fieldset>
</form>
Each page I want protected then has this at the top
// If no first_name variable exists, redirect the user.
if (!isset($_SESSION['first_name'])) {
// Start defining the URL.
$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
// Check for a trailing slash.
if ((substr($url, -1) == '/') OR (substr($url, -1) == '\') ) {
$url = substr ($url, 0, -1); // Chop off the slash.
}
// Add the page.
$url .= '/index.php';
ob_end_clean(); // Delete the buffer.
header("Location: $url");
exit(); // Quit the script.
} else {
### page ###
}
What I'd like to do is set the session to automatically expire after 2 hours and the users password to reset to something different to prevent login.
I assume this is possible but where do I start?
No comments posted yet
Your Answer:
Login to answer
348
23
Other forums
Creating Images from images in PHP
Okay well I am trying to make a 'dynamic' calender image with PHP.
I have images like this:
Change log of Cost centre change in Plant maintenance order
Hi,
How to view Change log of Cost centre in Plant maintenance order. Not visible thru 'Docume
php automatically escaping single quotes
I'm trying to test out my security a bit and I've noticed that php is escaping my single quotes. For
Calling All PHPFREAKS Blackberry Users
Are you a member of PHPFreaks and have a blackberry? Well RIM just recently released Blackberry Mes
Need help with an email blocker for a guessbook
I am new with php and here is a simple guessbook page but I am being hit with spam from a group of t
$_POST variable un-useable
I'm trying to use a $_POST variable in a mysql update statement but i can't use it for some unknown
CE 7.1 and External GIS integration
Hi All,
We want to develop an application on CE 7.1 which uses GIS features from an exter
Bit manipulation program with binary operations
My homework is to create a program to scan in and add binary numbers and print them like so
Hyperlink is adding an extra gap to variable
Hi, here's my problem..
I have a php generated page with a hyperlink which opens in a new win
Weird problem with SELECT command..Help!
Hi!
It seems I'm having a really weird problem with SQL SELECT command....I have table into a