Moderator
Jan Dembowski
(@jdembowski)
Forum Moderator and Brute Squad
Give wp_set_auth_cookie() a read. Look at the $remember portion (I think).
You should be able to use that in a… plugin… 😉 or possibly your theme’s functions.php file.
Cool! Thanks, Jan!
I have it set up on false:
wp_set_auth_cookie($user_id, $remember = false, $secure = '')
Should I provide a value for the $secure ” ?
If I do the following:
wp_set_auth_cookie($user_id, $remember = true, $secure = '30')
I replaced “false” by “true” and set the value “30”!
Will this work?
Neppp! It didn’t work! I’ve already tried it but doesn’t work as I thought 🙁
For the plugin, I’d like to reduce using plugins at the minimum!
What exactly do you want to do with this? Do you want the user to be logged out after a certain amount of time so that they can’t access a page when they go to ir, or are you trying to re-direct users that have been inactive to long to a log in page?
If you just want to make sure that users that have bene inactive are not allowed to do anything, there’s no need to worry. PHP takes care of this with it’s own sessions, so it’s all taken care of already. The time out can vary depending on the server and it’s individual settings, so if the time out isn’t right you may be able to talk to your hosting company to change this.
If you want to re-direct users to a log in page if they have been inactive for to long, you can always try adding a meta redirect tag to your admin/site headers HTML. I’d set this to a big time out that’s higher then the session time out so that it would only hit that redirection timer after the users session would have expired anyway. This code would really work best being in a plugin.
Don’t worry to much about reducing plugin use. The overhead from having more plugins is not high compared to the benifits that you get form keeping things modular. You have to have the code set up somewhere anyway, and having it set up as a plugin just makes it easier to maintian and also lets you remember where it is rather then trying to search through the rest of your code base to find out where you put the code before.
Thanks Michael.
I’d just to finish the login session after inactivity time. For example after 30 minutes of inactivity, the logged member should re-login if he didn’t do anything! Or, if someone forgets to logout manually, this will compromise the website security!
So, logout automatically after inactivity time is a good option isn’t it?
Maybe I’ve to take a look at plugins.
Like I said, PHP takes care of this with sessions. Inactive users will loose their session details after the set time on the server without you doing anything. Users don’t just stay logged in forever. 🙂
The onyl time that user logins won’t time out is if they select the ‘Remember Me’ check box on the login screen.
Just to add that currently when I log into my localhost installation, I stay logged in forever! If for example I leave it overnight, I come the morning and find my session as logged in!
So, I wish to automatically log out.
