The main use is thinkphp developed, relying on its existing function is able to achieve a period of time, the end of this session (regardless of user operation), but so, the experience must be bad
What does the industry generally refer to when the user has no operational judgment?
1. The mouse does not move for a period of time?
2. Mouse No click action?
3 ...
I can use JS to record these actions in the cookie, and can set the cookie expiration time, but the cookie is expired, how to end the session?
Reply content:
The main use is thinkphp developed, relying on its existing function is able to achieve a period of time, the end of this session (regardless of user operation), but so, the experience must be bad
What does the industry generally refer to when the user has no operational judgment?
1. The mouse does not move for a period of time?
2. Mouse No click action?
3 ...
I can use JS to record these actions in the cookie, and can set the cookie expiration time, but the cookie is expired, how to end the session?
Programme I
Service-Side implementation principle: the user table set a record access time stamp, when the user log on when the time stamp is written and the time required to not operate, each access to a page that requires login permissions, the first time to detect whether the field is greater than the current time, if greater than, then the description of the operation, The field is updated again by adding the time stamp and the time at which the interval will be exited without action. or use a session instead of a database record.
Programme II
The front-end implementation principle, the use of HTML5 storage or cookies, with the idea of a consistent approach, but the storage mode changed.
Scenario Comparison
Scenario One database storage, performance is inappropriate, HTML5 incompatible with the low version of the browser, cookie disable JS will expire. So the session is more appropriate.
All I've done is for 15 minutes after the user logs in if no action is automatically exited. Not for the mouse to move, are the mouse has no click or the page is not refreshed and so on. You can cookie
simply delete the settings when they expire cookie
. For reference only
Typically there is no access request, the backend can refresh the cookie when requested, and use a cookie to control the expiration.
Of course, more insurance can also use the session, the session to record the time of the request, the new request to determine whether the expiration. If the front end is forced to quit it can use the heartbeat signal (of course the heartbeat signal cannot record the request time).
can also be combined, in short, the method is a variety of, depends on how you want to use.
In php.ini there is an expiration time configured for session sessions, and when there is no action action the CLI will own it 自杀
.
In general, the front-end global event listener, each time the event triggers Ajax calls a session, so that the user session can be kept not broken. Otherwise, the session failure time will be released if it is not manipulated and exceeds the php.ini.
Stop messing around, there are ready-made:
Https://github.com/thorst/jqu ...
Enter idle state callback and restore activation state have callback, into idle state to the server to send a XHR end session finished
is generally background control, set the session timeout time.
The user's operating time limit is the session's life cycle, if the assumption is that the session period is 24 minutes, if the user after 12:00 login, there is no action, after 12:24, then the session is invalid, again operation will require re-login, The limit is that the time difference of two operations cannot exceed 24 minutes. In addition: The cookie expires, then the session login must be no, the user is definitely not logged in, PHP garbage collection mechanism will automatically clean up the session file, if it is a Redis storage session, Redis also has a corresponding method of destroying session data.