Friday, March 29, 2024
HomePHPPHP Session Destroy after 30 Minutes

PHP Session Destroy after 30 Minutes


by Vincy. Final modified on September sixth, 2022.

PHP has a core perform session_destroy() to clear all of the session values. It’s a easy no-argument perform that returns a boolean true or false.

The PHP session ID is saved in a cookie by default. Typically that session cookie file is identify PHPSESSID. The session_destroy perform is not going to unset the session id within the cookie.

To destroy the session ‘utterly’, the session ID should even be unset.

This fast instance makes use of session_destroy() to destroy the session. It makes use of the set_cookie() methodology to kill everything by expiring the PHP session ID.

Fast instance

destroy-session.php

<?php
// All the time keep in mind to initialize the session,
// even earlier than trying to destroy it.

// Destroy all of the session variables.
$_SESSION = array();

// delete the session cookie additionally to destroy the session
if (ini_get("session.use_cookies")) {
    $cookieParam = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000, $cookieParam["path"], $cookieParam["domain"], $cookieParam["secure"], $cookieParam["httponly"]);
}

// as a final step, destroy the session.
session_destroy();

Be aware:

  1. Use session_start() to reinitiate the session after the PHP session destroy.
  2. Use PHP $_SESSION to unset a selected session variable. For an older PHP model, use session_unset().

php session destroy output

About this login session_destroy() instance

Let’s create a login instance code to make use of PHP session, session_destroy and all. It permits customers to login and logout from the present session. Use this code in case you are on the lookout for a whole person registration and login in PHP script.

This instance gives an computerized login session expiry characteristic.

Touchdown web page with a login kind

This manner posts the username and the password entered by the person. It verifies the login credentials in PHP.

On profitable login, it shops the logged-in state right into a PHP session. It units the expiry time to half-hour from the final login time.

It shops the final login time and the expiry time into the PHP session. These two session variables are used to run out the session robotically.

login.php

<?php
session_start();
$expirtyMinutes = 1;
?>
<html>
<head>
<title>PHP Session Destroy after 30 Minutes</title>
<hyperlink rel="stylesheet" href="https://phppot.com/php/php-session-destroy/fashion.css" kind="textual content/css" />
<hyperlink rel="stylesheet" href="kind.css" kind="textual content/css" />
</head>
<physique>
    <div class="phppot-container">
        <h1>Login</h1>
        <kind identify="login-form" methodology="submit">
            <desk>
                <tr>
                    <td>Username</td>
                    <td><enter kind="textual content" identify="username"></td>
                </tr>
                <tr>
                    <td>Password</td>
                    <td><enter kind="password" identify="password"></td>
                </tr>
                <tr>
                    <td><enter kind="submit" worth="Register"
                        identify="submit"></td>
                </tr>
            </desk>
        </kind>
<?php
if (isset($_POST['submit'])) {
    $usernameRef = "admin";
    $passwordRef = "take a look at";
    $username = $_POST['username'];
    $password = $_POST['password'];

    // right here on this instance code focus is session destroy / expiry solely
    // refer for registration and login code https://phppot.com/php/user-registration-in-php-with-login-form-with-mysql-and-code-download/
    if ($usernameRef == $username && $passwordRef == $password) {
        $_SESSION['login-user'] = $username;
        // login time is saved as reference
        $_SESSION['ref-time'] = time();
        // Storing the logged in time.
        // Expiring session in half-hour from the login time.
        // See that is half-hour from login time. It isn't 'final energetic time'.
        // If you wish to expire after final energetic time, then this time wants
        // to be up to date after each use of the system.
        // you may regulate $expirtyMinutes as per your want
        // for testing this code, change it to 1, in order that the session
        // will expire in a single minute
        // set the expiry time and
        $_SESSION['expiry-time'] = time() + ($expirtyMinutes * 60);
        // redirect to house
        // don't embody house web page, it must be a redirect
        header('Location: house.php');
    } else {
        echo "Improper username or password. Attempt once more!";
    }
}
?>
</div>
</physique>
</html>

login

Dashboard validates PHP login session and shows login, and logout hyperlinks

That is the goal web page redirected after login. It exhibits the logout hyperlink if the logged-in session exists.

As soon as timeout, it calls the destroy-session.php code to destroy all of the classes.

If the half-hour expiry time is reached or the session is empty, it asks the person to log in.

house.php

<?php
session_start();
?>
<html>
<head>
<title>PHP Session Destroy after 30 Minutes</title>
<hyperlink rel="stylesheet" href="https://phppot.com/php/php-session-destroy/fashion.css" kind="textual content/css" />
<hyperlink rel="stylesheet" href="kind.css" kind="textual content/css" />
</head>
<physique>
    <div class="phppot-container">
<?php
if (! isset($_SESSION['login-user'])) {
    echo "Login once more!<br><br>";
    echo "<a href="login.php">Login</a>";
} else {
    $currentTime = time();
    if ($currentTime > $_SESSION['expiry-time']) {
        require_once __DIR__ . '/destroy-session.php';
        echo "Session expired!<br><br><a href="login.php">Login</a>";
    } else {
        ?>
        <h1>Welcome <?php echo $_SESSION['login-user'];?>!</h1>
        <a href="logout.php">Log off</a>
<?php
    }
}
?>
</div>
</physique>
</html>

This PHP code is used for customers who wish to log off earlier than the session expiry time.

It destroys the session by requiring the destroy-session.php code. Then, it redirects the person to the login web page.

logout.php

<?php
session_start();
require_once __DIR__ . '/destroy-session.php';
header('Location: login.php');
?>

I hope this instance helps to know how one can destroy PHP classes. And in addition, this can be a excellent state of affairs that’s appropriate for explaining the necessity of destroying the session.
Obtain

↑ Again to High

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments