我正在尝试用密码保护1个网页。我使用了GitHub上的这段代码,对我来说效果很好。
不幸的是,即使几天后它也不会过期,并且首次解锁后页面仍处于“解锁”状态。
请,您是否知道如何设置会话以在15分钟内过期?
这是一个代码:
<?php
# https://gist.github.com/4692807
namespace Protect;
# Will protect a page with a simple password. The user will only need
# to input the password once. After that their session will be enough
# to get them in. The optional scope allows access on one page to
# grant access on another page. If not specified then it only grants
# access to the current page.
function with($form, $password, $scope=null) {
if( !$scope ) $scope = current_url();
$session_key = 'password_protect_'.preg_replace('/\W+/', '_', $scope);
session_start();
# Check the POST for access
if( $_POST['password'] == $password ) {
$_SESSION[$session_key] = true;
redirect(current_url());
}
# If user has access then simply return so original page can render.
if( $_SESSION[$session_key] ) return;
require $form;
exit;
}
#### PRIVATE ####
function current_url($script_only=false) {
$protocol = 'http';
$port = ':'.$_SERVER["SERVER_PORT"];
if($_SERVER["HTTPS"] == 'on') $protocol .= 's';
if($protocol == 'http' && $port == ':80') $port = '';
if($protocol == 'https' && $port == ':443') $port = '';
$path = $script_only ? $_SERVER['SCRIPT_NAME'] : $_SERVER['REQUEST_URI'];
return "$protocol://$_SERVER[SERVER_NAME]$port$path";
}
function redirect($url) {
header("Location: $url");
exit;
}
先谢谢您! 菲利普
答案 0 :(得分:1)
获取用户登录时会话中的当前时间
$_SESSION['user_time']=time()
下一步创建功能并在您想要保护的页面中共享
function isSessionExpired()
{
if(time()-$_SESSION['user_time']>(15*60))
{
/... your actions here for example unset session or user
}
}
仅此而已!