How do I make my OpenCart customers logout after a period of inactivity?

Question

We have an OpenCart site (ver 2.3.0.2). When a customer logs in, I want them to be forced to log out after being inactive for a specified time, e.g. 30 mins. I observe that customers are never logged out even if they are inactive for more than an hour.

On php.ini, found on root directory, I modified the timeout line:

session.gc_maxlifetime = 3600;

I placed an info.php file with the code:

<?php
$maxlifetime = ini_get("session.gc_maxlifetime");
echo "max=".$maxlifetime;

echo "<hr>";
phpinfo();
?>

The output showed 1440 (24 mins) for both the echo and session.gc_maxlifetime in the phpinfo().

So either a customer is logged out after 30 mins or 24 mins. Either way, I prefer to have the customer log out after a period of inactivity. How do I do this?

Sphinx · Accepted Answer · 2018-08-21T12:12:47.743

6

The best way to add this is by using sessions which are set using the current time.

NB: It is best to create a vqmod or modification section depending on the version of Opencart you using so as to not affect the Opencart Core.

See code below:

    if (!isset($this->session->data['CREATED'])) {
        $this->session->data['CREATED'] = time();
    } else if (time() - $this->session->data['CREATED'] > 1200) {    //time in seconds
        session_destroy();
        $this->logout();
    } else if (isset($this->session->data['CREATED'])) { 
        $this->session->data['CREATED'] = time();
    }

edited Aug 21 '18 at 12:12

answered Mar 27 '17 at 08:25

Sphinx

956
7
21

That was what I had in mind also. I was hoping for an easier way. :-) Thanks for suggesting, at least what I had in mind is verified – Jaime Dolor jr. Mar 27 '17 at 08:34

score 4 · Answer 2 · edited May 23 '17 at 11:55

I have modified Sphinx's answer a bit to make it work as per my need

if (!isset($this->session->data['SESSIONCREATED'])) {
    $this->session->data['SESSIONCREATED'] = time();
} else if (time() - $this->session->data['SESSIONCREATED'] > 1200) { //time in seconds 
    session_destroy();
    $this->logout();
} else if (isset($this->session->data['SESSIONCREATED'])) { 
    $this->session->data['SESSIONCREATED'] = time();
}

Above code has been placed in system/library/customer.php file (using vqmod) below following line if (isset($this->session->data['customer_id'])) {

score 0 · Answer 3 · answered May 16 '17 at 12:39

would the following code be right for the vQmod ?

<modification>
<id>Timed Logout</id>
<version>1.0</version>
<vqmver>2.1.6</vqmver>
<author>websiteinc.co.uk</author>
<file name="system/library/customer.php">
    <operation error="log">
        <search position="after" index="2"><![CDATA[if (isset($this->session->data['customer_id']))]]></search>

<add><![CDATA[if (!isset($this->session->data['SESSIONCREATED'])) {
$this->session->data['SESSIONCREATED'] = time();
} else if (time() - $this->session->data['SESSIONCREATED'] > 1400) { //time in seconds 
session_destroy();
$this->logout();
} else if (isset($this->session->data['SESSIONCREATED'])) { 
$this->session->data['SESSIONCREATED'] = time();
 }

]]></add>
    </operation>
</file>

score 0 · Answer 4 · answered Aug 07 '18 at 15:01

<modification>
<id>Timed Logout</id>
<version>1.0</version>
<vqmver>2.1.6</vqmver>
<author>Raza Umer</author>
<file name="system/library/customer.php">
    <operation error="log">
        <search position="after"><![CDATA[if (isset($this->session->data['customer_id'])) {]]></search>

<add><![CDATA[if (!isset($this->session->data['SESSIONCREATED'])) {
$this->session->data['SESSIONCREATED'] = time();
} else if (time() - $this->session->data['SESSIONCREATED'] > 86400) { //time in seconds 
session_destroy();
$this->logout();
} else if (isset($this->session->data['SESSIONCREATED'])) { 
$this->session->data['SESSIONCREATED'] = time();
 }

]]></add>
    </operation>
</file>
</modification>

copy above modification and save as filename.xml and place in vqmod/xml/

How do I make my OpenCart customers logout after a period of inactivity?

4 Answers4