php/mysql auto logout after 2 hour and reset password
Posted on
16th Feb 2014 07:03 pm by
admin
Hi all,
This I hope will make sense. I've the following code which when a user logins in, creates a session:
if (isset($_POST['submitted'])) { // Check if the form has been submitted.
require_once ('mysql_connect.php'); // Connect to the database.
// Validate the email address.
if (!empty($_POST['email'])) {
$e = escape_data($_POST['email']);
} else {
echo '<p class="error">You forgot to enter your email address!</p>';
$e = FALSE;
}
// Validate the password.
if (!empty($_POST['pass'])) {
$p = escape_data($_POST['pass']);
} else {
$p = FALSE;
echo '<p class="error">You forgot to enter your password!</p>';
}
if ($e && $p) { // If everything's OK.
// Query the database.
$query = "SELECT user_id, first_name, account_id FROM users WHERE (email='$e' AND pass=SHA('$p')) AND active IS NULL";
$result = mysql_query ($query) or trigger_error("Query: $queryn<br />MySQL Error: " . mysql_error());
if (@mysql_num_rows($result) == 1) { // A match was made.
// Register the values & redirect.
$row = mysql_fetch_array ($result, MYSQL_NUM);
mysql_free_result($result);
mysql_close(); // Close the database connection.
$_SESSION['user_id'] = $row[0];
$_SESSION['first_name'] = $row[1];
$_SESSION['account_id'] = $row[2];
// Start defining the URL.
$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
// Check for a trailing slash.
if ((substr($url, -1) == '/') OR (substr($url, -1) == '\') ) {
$url = substr ($url, 0, -1); // Chop off the slash.
}
// Add the page.
$url .= '/index.php';
ob_end_clean(); // Delete the buffer.
header("Location: $url");
exit(); // Quit the script.
} else { // No match was made.
echo '<p class="error">Either the email address and password entered do not match those on file or you have not yet activated your account.</p>';
}
} else { // If everything wasn't OK.
echo '<p class="error">Please try again.</p>';
}
mysql_close(); // Close the database connection.
} // End of SUBMIT conditional.
?>
<h1>Login</h1>
<p class="maintext">Your browser must allow cookies in order to log in.</p>
<form action="login.php" method="post">
<fieldset>
<p class="maintext"><b>Email Address:</b> <input type="text" name="email" size="20" maxlength="40" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" /></p>
<p class="maintext"><b>Password:</b> <input type="password" name="pass" size="20" maxlength="20" /></p>
<div align="center"><input type="submit" name="submit" value="Login" /></div>
<input type="hidden" name="submitted" value="TRUE" />
</fieldset>
</form>
Each page I want protected then has this at the top
// If no first_name variable exists, redirect the user.
if (!isset($_SESSION['first_name'])) {
// Start defining the URL.
$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
// Check for a trailing slash.
if ((substr($url, -1) == '/') OR (substr($url, -1) == '\') ) {
$url = substr ($url, 0, -1); // Chop off the slash.
}
// Add the page.
$url .= '/index.php';
ob_end_clean(); // Delete the buffer.
header("Location: $url");
exit(); // Quit the script.
} else {
### page ###
}
What I'd like to do is set the session to automatically expire after 2 hours and the users password to reset to something different to prevent login.
I assume this is possible but where do I start?
No comments posted yet
Your Answer:
Login to answer
348 
23 
Other forums
login page does not execute a else statement
I've created a login page using sessions.
When an incorrect user name or password is entered then
Will an XHTML DOCTYPE interfere with my PHP if I'm not experienced enough?
I've read this article here: http://friendlybit.com/html/why-xhtml-is-a-bad-idea/
In a nutshe
* Gridview and Detailsview in UpdatePanel, insert mode problem
I have a GridView and DetailsView working together. When a record from Gridview is selected, Detail
socket communication between c++/java and sending image
hi,
i have a class in c++ called win32_sockserver which creates socket to java. i am trying
Recognising Revenue daily
Hello.
Has anyone come across daily recognition of deferred income?
We want to implement R
Remove Rows From Database ad
Hi All,
I have this:
Code: [Select]<?php
session_start();
include('../com
Multiple while loops
I have several DB queries that I know should be returning results and aren't. I have a feeling it ha
Looking for help reading a .txt or .ini file and outputting the info.
I have a file called Info.ini and It has the following info:
Code: [General]
Online=0
I wou
Populate drop down list from table??
Lets say for arguments sake that i have a table which contains the numbers 1 to 10.
How can i get
problem with query error
First Thanks to those who helped me on my previous posts, and the following code i'm using is not mi
