/    Sign up×
Community /Pin to ProfileBookmark

session end / session timeout

Copy linkTweet thisAlerts:
Mar 02.2006

Prologue.

My site allows users to enter their details over several forms coded on several webpages. i have been using

[code=php]
<?php
session_start();

foreach($_POST as $key => $value)
{
$_SESSION[$key] = $value;
}

?>
[/code]

to start the session and register all posted variables.

I am on the last page where the user gets confirmation of the details entered.

I have started this page with the session start again so that i can use the variables to print their details.

1) How do you code the page so that if they press the back button on their browser a time out message is displayed.

2) How do i end the session?

to post a comment
PHP

8 Comments(s)

Copy linkTweet thisAlerts:
@NogDogMar 02.2006 — For ending a session, see Example 1 on this page: http://www.php.net/manual/en/function.session-destroy.php .
Copy linkTweet thisAlerts:
@peteybauthorMar 06.2006 — session_destroy(); is working when a user enters the url of the page but when they press the back button on the web browser the data remains.

1) how can you work around this problem - i.e. stop the back button / page timeout?

2) is there a code that forwards a user to a different url if they type the address name of a page which should only be accessed via my submit buttons?
Copy linkTweet thisAlerts:
@bokehMar 06.2006 — If the processing of the final page completeed successfully the viewer should be forwarded to a success page using [code=php]header('Location: http://domain.com/success.php');
exit;[/code]
Copy linkTweet thisAlerts:
@peteybauthorMar 06.2006 — that doesnt stop the user pressing the back button on their web browser or typing the url of any of the applicable webpages?
Copy linkTweet thisAlerts:
@bokehMar 06.2006 — Of course not but the success page would destroy the session and it performs a lot better than having the same script produce the success page because the major cause of trouble is the refresh button and not the back button.
Copy linkTweet thisAlerts:
@peteybauthorMar 06.2006 — im understanding the logic a bit better although, i have a confirmation page after the user has completed the process, whereby the code utilises the SESSION array to display certain items, such as if they paid by Credit Card those details will be displayed and vice versa for Direct debit.

This means i need the session_start() at the begining and with the session_destroy at the end the same effect of having session_destroy at the begining is not achieved.

???
Copy linkTweet thisAlerts:
@bokehMar 06.2006 — It doesn't really matter at what point you destroy the session. The important thing is the redirect meaning the viewer got to the final page without a POST request.
Copy linkTweet thisAlerts:
@peteybauthorMar 06.2006 — without a POST request??

when i have purchased goods online in my experience if a press the back button a screen message is dsiplayed saying 'session has expired'.

how can this be done?
×

Success!

Help @peteyb spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 6.18,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @nearjob,
tipped: article
amount: 1000 SATS,

tipper: @meenaratha,
tipped: article
amount: 1000 SATS,

tipper: @meenaratha,
tipped: article
amount: 1000 SATS,
)...