PHP
  Home arrow PHP arrow Page 9 - User Authentication With Apache And PHP
Dev Shed Forums  
Administration  
AJAX  
Apache  
BrainDump  
DHTML  
Flash  
Java  
JavaScript  
Multimedia  
MySQL  
Oracle  
Perl  
PHP  
Practices  
Python  
Reviews  
Security  
Smartphone Development  
Style-Sheets  
Web Services  
XML  
Zend  
Zope  
Mobile Linux  
App Generation ROI  
IBM® developerWorks  
Forums Sitemap  
E-Commerce Hosting  
Linux Web Hosting  
Managed Hosting  
Small Business Hosting  
VPS Hosting  
Weekly Newsletter

 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us Get Paid  
Request Media Kit
Contact Us  
Site Map  
Privacy Policy  
Support  
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
PHP

User Authentication With Apache And PHP
By: The Disenchanted Developer, (c) Melonfire
  • Search For More Articles!
  • Disclaimer
  • Author Terms
    		•
    Rating: starstarstarstarstar / 57
    2002-03-13


    Table of Contents:
  • User Authentication With Apache And PHP
  • Back To Basics
  • The Right Creds
  • Hidden Costs
  • Logging In
  • Rank And File
  • Heavy Iron
  • Sock It To Me, Baby!
  • Time To Live
  • A Stitch In Time
  • Closing Time
    		•

    Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      error-file:tidyout.log Del.ici.ous error-file:tidyout.log Digg
      error-file:tidyout.log Blink error-file:tidyout.log Simpy
      error-file:tidyout.log Google error-file:tidyout.log Spurl
      error-file:tidyout.log Y! MyWeb error-file:tidyout.log Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article

    		 
     
    ADVERTISEMENT

    User Authentication With Apache And PHP - Time To Live
    ( Page 9 of 11 )

    Finally, once the user has logged in, it is good practice to offer a log out button on every page. This provides the user with the ability to manually destroy the session and session variables created during the initial log-in phase, and eliminates the possibility of malicious users "spoofing" sessions.

    Here's what "logout.php" looks like: 
    <?
// logout.php - destroys session and returns to login form

// destroy all session variables
session_start();
session_destroy();

// redirect browser back to login page
header("Location: /index.php");
?>
    The session_destroy() function provides a convenient way to destroy all information in the current session.

    You should also make it a point to specify a session lifetime in your PHP configuration, so that sessions are automatically destroyed if inactive for a specific period of time (thirty minutes is generally considered reasonable).

    Obviously, you can also destroy a session just by closing your browser, just as with HTTP authentication.



    Discuss User Authentication With Apache And PHP
     
    >>> Be the FIRST to comment on this article!
     


     
     
    >>> More PHP Articles          >>> More By The Disenchanted Developer, (c) Melonfire
     

       

    PHP ARTICLES

    - Building Dynamic Queries with Chainable Meth...
    - PHP Encryption and Decryption Methods
    - Building a MySQL Abstraction Class with Meth...
    - Completing a Sample String Processor with Me...
    - Mastering WHILE Loops for PHP and MySQL
    - Method Chaining: Adding More Methods to the ...
    - Method Chaining in PHP 5
    - The Role of Interfaces in Applying the Depen...
    - Dependency Injection: Using a Setter Method ...
    - Using a Model Class with the Dependency Inje...
    - Injecting Objects Using Setter Methods with ...
    - Injecting Objects by Constructor with the De...
    - The Dependency Injection Design Pattern in P...
    - Performing Inferential Statistical Analysis ...
    - Performing Descriptive Statistical Analysis ...
    Find More PHP Articles




    © 2003-2009 by Developer Shed. All rights reserved. DS Cluster 2 Hosted by Hostway
    Stay green...Green IT