views:

254

answers:

4

Basically I'm looking for a solution where a user is notified five minutes before the session expires.

The ideal solution will be count down notification that will have an option to renew the session.

If the countdown timer expires without the user refreshing the page, I need to log them out.

A: 

Hi,

  1. One way is to store in one javascript variable the time remaining, and update the variable in every page refresh

  2. Create one javascript function with one settimeout that verifies the value of the variable that you set in 1.)

Regards,
Pedro

Pedro
+1  A: 

Depends on what exactly you want to achieve. When someone uses multiple tabs/windows, a window can stay open for very long without the session expiring. AJAX operations complicate things even further. If you want accurate notifications, you will have to set up a timer, and when it fires, check via an AJAX request (taking care not to renew the session) whether the estimate is still accurate.

Tgr
+2  A: 

Since the session will be refreshed as soon as you go back server-side and the script calls session_start() you really need to do this in Javascript. However if the user has two browser windows open with a split session and one is inactive, while the user is still generating traffic with the other, then the javascript in the idle window would incorrectly report that the session was about to expire. So you'd need to implement your own ajax wrapper to detect the age of the session without calling session_start().

Something like:

 $session_id=$_REQUEST[session_name()];
 // if you use the default handler:
 $session_last_access=filemtime(session_save_path() . '/' . $session_id);
 $time_left=time() + session_cache_expire() - $session_last_access;

C.

symcbean
A: 

Added this script in view: `

if(isSessionAlive >0)
{
    var timer = {
        time: 0,
        now: function(){ return (new Date()).getTime(); },
        start: function(){ this.time = this.now(); },
        since: function(){ return this.now()-this.time; }
    }
    var timerId;
    sess_expiration    = <?=($this->config->config["sess_expiration"]*1000)?>;
    alertTime    = <?=($this->config->config["sess_time_to_alert"])?>;
    timerId        = window.setTimeout("pingCI()",sess_expiration-((alertTime*1000)));
    jsBaseurl  =  "<?=($this->config->config["base_url"])?>";

}
function resetTimer(resetTime)
{
    //alert('RESET Time'+resetTime);
    window.clearTimeout(timerId);
    timerId = window.setTimeout("pingCI()", resetTime);
    return;
}
function pingCI()
{
    if(isSessionAlive > 0)
    {
            $.ajax({
                type: "POST",
                url: "<?= site_url('users/getSessionTimeLeft') ?>/",
                data: "sessid=<?=$this->session->userdata("session_id")?>",
                success: function(transport) 
                {
                    response = transport;

                    if(response=='')
                    {
                        parent.location.assign(jsBaseurl+'users/logout');
                    }
                    else if((response<=(alertTime*1000)) ||  (response-1000<=(alertTime*1000)))
                    {
                        alertSessionTimeOut(response);
                    }
                    else
                    {
                        resetTime = eval((response - alertTime)*1000);
                        resetTimer(resetTime);
                    }
                } 
            });
    }
}
function alertSessionTimeOut(alertTimeExp)
{
    if(isSessionAlive>0)
    {
        var response='';
        var timerIdEnd;

        timerAlert = window.setTimeout("forceLogout()",alertTimeExp*1000);
        timer.start(); // start counting my friend...


        fConfirm = confirm('Your Session is about to time out. Please click OK to continue the session');
        if(timer.since() >= (alertTime*1000))
        {
            parent.location.assign(jsBaseurl+'users/logout');
        }
        if(fConfirm ==true)
        {
                $.ajax({
                    type: "POST",
                    url: "<?= site_url('users/keepAlive') ?>/",
                    data: "sessid=<?=$this->session->userdata("session_id")?>",
                    success: function(transport) 
                    {
                        response = transport;
                        if(response=='')
                        {
                            parent.location.assign(jsBaseurl+'users/logout');
                        }
                        window.clearTimeout(timerAlert);
                        resetTimer(sess_expiration-((alertTime)*1000));
                    }
                });
        }
        else
        {
            //parent.location.assign(jsBaseurl+'users/logout');
            window.clearTimeout(timerAlert);
            window.clearTimeout(timerId);

        }
    }
}

function forceLogout()
{
    parent.location.assign(jsBaseurl+'users/logout');
} 

And in Users Controller:

   function getSessionTimeLeft()
   {
    $ci = & get_instance();
    $SessTimeLeft    = 0;
    $SessExpTime     = $ci->config->config["sess_expiration"];
    $CurrTime        = time();
    $lastActivity = $this->session->userdata['last_activity'];
    $SessTimeLeft = ($SessExpTime - ($CurrTime - $lastActivity))*1000;
    print $SessTimeLeft;
}

function keepAlive()
{
    $this->load->library('session');
    $this->session->set_userdata(array('last_activity'=>time()));
    if(isset($this->session->userdata["user_id"])) print 'ALIVE';
    else print  '';
} 

`

ASD