My site (www.txfannin.org) has a back-end Admin area used by volunteers to add content to the Db which contains over 60 table. When each volunteer logs into the Admin area I store their Username and access lever in the $_SESSION associative array. This information is used in a log record when a record is updated.
At the beginning of each Admin module I test for the existence of a Session and if not started, then one is started. On the most used module I also set the timeout_duration = 21600 (6 hours).
The problem is that the volunteers will oftentimes work a couple of hours and then do some research, have lunch, take a nap, go to bed while the browser is still open and the admin page is still active. Thus, when they return to the computer, they again start working with the Admin module and when a record is updated the Username is Unknown. Unknown because the Session has expired and thus, the Session variable is not set and the Username is set to Unknown.
So the question is… Is there anyway to solve the problem using Sessions or do I need to just store the info in Local Storage?
TIA for any assistance.
The method you want to use might even depend on the ‘importance’ of the usecase – since a login basically is only done if you want to secure something – which means that the ‘intelligence’ (usually this dictates even the effort to put in) of the logic should be on par with the requirements.