php/mysql auto logout after 2 hour and reset password


Posted on 16th Feb 2014 07:03 pm by admin

Hi all,

This I hope will make sense. I've the following code which when a user logins in, creates a session:


if (isset($_POST['submitted'])) { // Check if the form has been submitted.

require_once ('mysql_connect.php'); // Connect to the database.

// Validate the email address.
if (!empty($_POST['email'])) {
$e = escape_data($_POST['email']);
} else {
echo '<p class="error">You forgot to enter your email address!</p>';
$e = FALSE;
}

// Validate the password.
if (!empty($_POST['pass'])) {
$p = escape_data($_POST['pass']);
} else {
$p = FALSE;
echo '<p class="error">You forgot to enter your password!</p>';
}

if ($e && $p) { // If everything's OK.

// Query the database.
$query = "SELECT user_id, first_name, account_id FROM users WHERE (email='$e' AND pass=SHA('$p')) AND active IS NULL";
$result = mysql_query ($query) or trigger_error("Query: $queryn<br />MySQL Error: " . mysql_error());

if (@mysql_num_rows($result) == 1) { // A match was made.

// Register the values & redirect.
$row = mysql_fetch_array ($result, MYSQL_NUM);
mysql_free_result($result);
mysql_close(); // Close the database connection.
$_SESSION['user_id'] = $row[0];
$_SESSION['first_name'] = $row[1];
$_SESSION['account_id'] = $row[2];

// Start defining the URL.
$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
// Check for a trailing slash.
if ((substr($url, -1) == '/') OR (substr($url, -1) == '\') ) {
$url = substr ($url, 0, -1); // Chop off the slash.
}

// Add the page.
$url .= '/index.php';

ob_end_clean(); // Delete the buffer.
header("Location: $url");
exit(); // Quit the script.

} else { // No match was made.
echo '<p class="error">Either the email address and password entered do not match those on file or you have not yet activated your account.</p>';
}

} else { // If everything wasn't OK.
echo '<p class="error">Please try again.</p>';
}

mysql_close(); // Close the database connection.

} // End of SUBMIT conditional.
?>

<h1>Login</h1>
<p class="maintext">Your browser must allow cookies in order to log in.</p>
<form action="login.php" method="post">
<fieldset>
<p class="maintext"><b>Email Address:</b> <input type="text" name="email" size="20" maxlength="40" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" /></p>
<p class="maintext"><b>Password:</b> <input type="password" name="pass" size="20" maxlength="20" /></p>
<div align="center"><input type="submit" name="submit" value="Login" /></div>
<input type="hidden" name="submitted" value="TRUE" />
</fieldset>
</form>


Each page I want protected then has this at the top


// If no first_name variable exists, redirect the user.
if (!isset($_SESSION['first_name'])) {

// Start defining the URL.
$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
// Check for a trailing slash.
if ((substr($url, -1) == '/') OR (substr($url, -1) == '\') ) {
$url = substr ($url, 0, -1); // Chop off the slash.
}
// Add the page.
$url .= '/index.php';

ob_end_clean(); // Delete the buffer.
header("Location: $url");
exit(); // Quit the script.

} else {
### page ###
}


What I'd like to do is set the session to automatically expire after 2 hours and the users password to reset to something different to prevent login.

I assume this is possible but where do I start?

No comments posted yet

Your Answer:

Login to answer
348 Like 23 Dislike
Previous forums Next forums
Other forums

Checking if multidimensional array is empty?
I have a for with multiple test input fields. Specifically the user submits multiple names and ages

Download Image from URL and Upload it
Ok, I have been googling for the last 1/2 hour trying to figure this out, Most likely I'm just not s

Blogging s/w
heya frndz!!! i want to start a blog.... m looking for a s/w like oscommerce which is thr for e-comm

php web service error
hey guys,
I'm working on a project requires the use of web services. I've been trying a few tutor

Executing an exe
Hi. I have some bizarre problem with exec (other any other method) to launch exe's. I am making a ga

Weird MySQL error, why am I recieving this?
PHP Code:


<?php require "global_settings.php"; ?>
<titl

Aris, Netweaver BPM, Visual composer and X'app
Dear Experts,

Whats the relationship between the following components: Aris, Netweaver BP

Form validation with functions
Hi there

I am trying to make a very simple form validation function. I currently have the fol

Guixt issue
Hello all,

We are experiencing the following problem with Guixt:

Some transact

I think i'm using the syntax incorrectly
Hi Everyone!

I'm new to this forum and a newbie with PHP - I'm glad I found this site - I hop

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash