Hi there Imeatingfish,

I have just done almost the same system for myself, check to see if the session exists and if it does check to see the value is in the db, if not update the database to the effect of logged out (0) and then put a header there if the update was successful to redirect to the main page.

Make sure that you have the or die(mysql_error()) there, and what I also did was attach the query to a var and see if it returns true, when it does issue the redirect, the else would just say, failed to update, or words to the effect of.

Hope that puts you in the right area anyway.

Cheers,

MRb

well on every page i check if the session exists:

if(!isset($_SESSION['userid']))
{
 header('Location: index.php');
}

Hi there Imeatingfish,

I do simliar, I wrote a function that I check before I execute the page load, and if the session is not set I just update the db before the header, BUT, I also have a cookie set with the username in (but not for the normal keep me in for 30 days etc) purely to hold the users name, then if the session is unset & the cookie exists, I set the login to false.

I do then have another cookie set if the user decides to stay on, this then has a random piece of data suffixed with the username, from there the DB stuff is straight forward.

I hope that makes sense.

Also, within the header("location: http://www.somesite.co.uk/index.php"); its good practise to use the double quotes & the full url too.

You can just set the base name in a constant, this will save you having to re type it everytime you put in a header!

I didn't know if you knew this and I thought I would mention it ;-p

Cheers,

MRb

So you have the username in a cookie in order to set the login status to 0?

Hi there imeatingfish,

Yes purely to hold the username, then if the session doesnt yet exist ie: not logged in, the cookie will be there to set the database correct.

There may be other ways to this ie: ip logging, if the ip isnt saved in a session, check the ip against the db, if there set to 0 and then redirect to the homepage.

Thats just my thoughts.

Cheers,

MRb

Ah ok i understand...thanks for your help. But there arent any other ways?

maybe something like:

if(session_is_expired)
{
 // update sql command...
}
else
{
 // do nothing...
}

Hi imeatingfish,

session_is_expired() doesnt exist I dont think (correct me if I'm wrong...) its: session_is_registered() i think, but thats now depricated. But yes there are other ways I just havnt worked them out yet ;-p

Good Luck!

MRb

Yes i know that there isnt any session_is_expired() :)) i thought there is maybe such a similar command.

thanks for your help matthew :))

Hi imeatingfish,

No problem, though I am now thinking of looking at mine in a little more detail to see if there is another way. The way I usually check for anything in arrays is by doing:-

if (isset($_SESSION['anyValue']) && isset($_SESSION['anyValue'] == "expected value"))
{
//do stuff
}
else{
//dont do that do this
}

Anyway, hope it helps, you can use isset() /empty() as they are basically the same function, my preference is isset()...

Cheers,

MRb