session timeout

Forum Moderators: coopster

Message Too Old, No Replies

session timeout

chramya

12:28 pm on Dec 26, 2007 (gmt 0)

Hi,

Am new to PHP... I had created login form with session.. I wish to change my form as-"After idle time of 30 seconds session should expire and should go to login page once again"...

<?php
ini_set("session.gc_maxlifetime",30);
session_start();
if(session_is_registered('email'))
{
echo 'Login successful';
session_unset();
session_destroy();
}
else
{
header("location:main.html");
}
?>

I tried this code.... wat is the change that i have to do to achieve above said requirement...

Thanks,
Ramya

PHP_Chimp

6:16 pm on Dec 26, 2007 (gmt 0)

the gc stands for garbage collection, so you could use this although you would need to set garbage collection to work on every request. This is not a good idea, as this will eat up a lot of php resource as it will preform garbage collection after each request. If you think about the number of requests that php gets thats a lot of additional garbage collection.

You could set something like -


$_SESSION['last_time'] = time();

Then on each request for a new page -


if ($_SESSION['last_time']+30 >= time() {
// last login + 30 seconds greater than present time
// kill session
}

<edit>
You need to be careful when killing sessions as sometimes session_unset doesnt actually work so well.


function kill_session() {
$_SESSION = array();
session_unset;
session_destroy();
}

This should get rid of all of the session as, you will reset the session to a blank array, then unset then destroy. This should remove all of the records, even those left on the server. There are a lot of user comments on the unset page about people having problems with sessions not getting unset.

[edited by: PHP_Chimp at 6:21 pm (utc) on Dec. 26, 2007]

session timeout

chramya

PHP_Chimp

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week