Welcome to WebmasterWorld Guest from

Forum Moderators: coopster & jatar k

Message Too Old, No Replies

Logging out

Clearing session info on a time out



3:43 pm on Jul 18, 2002 (gmt 0)

Inactive Member
Account Expired


I am having some problems with session variables on an intranet web application. If the session times out, the session variable do not seem to clear nor does the session abandon. Does anyone have any ideas?
4:49 pm on July 18, 2002 (gmt 0)

Junior Member

10+ Year Member

joined:June 3, 2002
votes: 0

if you're using PHP, there's a variable called session.gc_maxlifetime which specifies the number of seconds after which data will be seen as 'garbage' and cleaned up. (reference: php.net [php.net])

now the problem with that is let's say user A starts a session at 1h00 and then leave for 45 minutes (and you previously set session.gc_maxlifetime to 30 minutes). Now technically what happens is that user A session data should be erased, but that will only happens if an other user let's call him user B, show up between 1h30 and 1h44. Otherwise, user A will still have access to it's old session data.


6:00 pm on July 18, 2002 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member lorax is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Mar 31, 2002
votes: 2

Hello Sandi and welcome to WMW.

I'm about to tackle this issue myself and was wondering about setting the default server time-out page to a custom PHP page which has the following:

session_unset(); //kills all session variables
session_destroy(); // kills the session

This would allow me to build whatever PHP applications on the internal network I wanted and if any of them time-out then the session kill will be run.

On the other hand I'm thinking of a chron job set for 2 hours or so.