khoand0000 · September 9, 2014 19:10
diff --git a/check_login.php b/check_login.php
 <?php

 // http://prajapatinilesh.wordpress.com/2009/01/14/manually-set-php-session-timeout-php-session/
 // Change the session timeout value to 30 minutes  // 8*60*60 = 8 hours
 //ini_set('session.gc_maxlifetime', 30*60);
 //// php.ini setting required for session timeout.
 //
 //ini_set('session.gc_maxlifetime',30);
 //ini_set('session.gc_probability',1);
 //ini_set('session.gc_divisor',1);
 //————————————————————————————–
 //if you want to change the  session.cookie_lifetime.
 //This required in some common file because to get the session values in whole application we need to write session_start();  to each file then only will get $_SESSION global variable values.

 //$sessionCookieExpireTime=8*60*60;
 //session_set_cookie_params($sessionCookieExpireTime);

 // Reset the expiration time upon page load //session_name() is default name of session PHPSESSID
 //
 //if (isset($_COOKIE[session_name()]))
 //    setcookie(session_name(), $_COOKIE[session_name()], time() + $sessionCookieExpireTime, "/");
 //————————————————————————————–
 //To get the session cookie set param values.
 /*
 $CookieInfo = session_get_cookie_params();

 echo "<pre>";
 echo "Session information session_get_cookie_params function :: <br />";
 print_r($CookieInfo);
 echo "</pre>";
 */
 session_start();
 if (!isset($_SESSION['CREATED'])) {
    $_SESSION['CREATED'] = time();
 } else if (time() - $_SESSION['CREATED'] > 60 * 60 * 2) {
    // session started more than 30 minutes ago
    session_regenerate_id(true);    // change session ID for the current session an invalidate old session ID
    $_SESSION['CREATED'] = time();  // update creation time
 }
 if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 60 * 60 * 2)) {
    // last request was more than 30 minutes ago
    session_unset();     // unset $_SESSION variable for the run-time
    session_destroy();   // destroy session data in storage
 }
 $_SESSION['LAST_ACTIVITY'] = time(); // update last activity time stamp

 //if(isset($_COOKIE['username'])&&($_COOKIE['username'] !="")){
 if(isset($_SESSION['username'])&&($_SESSION['username'] !="")){
    //setcookie("username", $_COOKIE['username'], time() + 60 * 5, "/admin/");  /* expire in 1 hour */
    $uname= $_SESSION['username'];
    if (preg_match('/index.php$/misu', $_SERVER['PHP_SELF'])){
        header("location:home.php");
    }
 }else{
    if (!preg_match('/index.php$/misu', $_SERVER['PHP_SELF']))
        header("location:index.php");
 }
 define("HOSTPATH",'/admin/');
	<?php

	// http://prajapatinilesh.wordpress.com/2009/01/14/manually-set-php-session-timeout-php-session/
	// Change the session timeout value to 30 minutes // 86060 = 8 hours
	//ini_set('session.gc_maxlifetime', 30*60);
	//// php.ini setting required for session timeout.
	//
	//ini_set('session.gc_maxlifetime',30);
	//ini_set('session.gc_probability',1);
	//ini_set('session.gc_divisor',1);
	//————————————————————————————–
	//if you want to change the session.cookie_lifetime.
	//This required in some common file because to get the session values in whole application we need to write session_start(); to each file then only will get $_SESSION global variable values.

	//$sessionCookieExpireTime=86060;
	//session_set_cookie_params($sessionCookieExpireTime);

	// Reset the expiration time upon page load //session_name() is default name of session PHPSESSID
	//
	//if (isset($_COOKIE[session_name()]))
	// setcookie(session_name(), $_COOKIE[session_name()], time() + $sessionCookieExpireTime, "/");
	//————————————————————————————–
	//To get the session cookie set param values.
	/*
	$CookieInfo = session_get_cookie_params();

	echo "<pre>";
	echo "Session information session_get_cookie_params function :: <br />";
	print_r($CookieInfo);
	echo "</pre>";
	*/
	session_start();
	if (!isset($_SESSION['CREATED'])) {
	$_SESSION['CREATED'] = time();
	} else if (time() - $_SESSION['CREATED'] > 60 * 60 * 2) {
	// session started more than 30 minutes ago
	session_regenerate_id(true); // change session ID for the current session an invalidate old session ID
	$_SESSION['CREATED'] = time(); // update creation time
	}
	if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 60 * 60 * 2)) {
	// last request was more than 30 minutes ago
	session_unset(); // unset $_SESSION variable for the run-time
	session_destroy(); // destroy session data in storage
	}
	$_SESSION['LAST_ACTIVITY'] = time(); // update last activity time stamp

	//if(isset($_COOKIE['username'])&&($_COOKIE['username'] !="")){
	if(isset($_SESSION['username'])&&($_SESSION['username'] !="")){
	//setcookie("username", $_COOKIE['username'], time() + 60 * 5, "/admin/"); /* expire in 1 hour */
	$uname= $_SESSION['username'];
	if (preg_match('/index.php$/misu', $_SERVER['PHP_SELF'])){
	header("location:home.php");
	}
	}else{
	if (!preg_match('/index.php$/misu', $_SERVER['PHP_SELF']))
	header("location:index.php");
	}
	define("HOSTPATH",'/admin/');