Setting session timeout in PHP

Posted under: PHP | Comments: 2

For high-security sites, setting a session timeout is neccessary. In any cirrcumstances, users should not stay logged in for prolonged periods of time...

We'll need 2 functions; 1 that sets the timeout of a current session and another 1 that verifies whether the session is still valid given the specied timeout variable set in function 1.

function check_login() {



 @session_start();



 $expiration_time = intval($_SESSION['session_expiration']);



 //if session is still valid

 if ($time() < $expiration_time) {

  validate_session('600'); // -> make it valid for another 600 secs

  return true;

 }



 else {

  unset($_SESSION['session_expiration']);

  return false;

 }

}

function validate_session($timeout) {



 @session_start();

 $_SESSION['session_expiration'] = time() + $timeout;

}

Found it helpful?

how do the if and else conditions work automatically if a user is idle for sometime ?

clearly in depth suppose assume we have called check_login() function in php code and the user is idle for some time how this unsets the session ,pls let me know

Doubt-haven't tested

Submitted by raghu on 5 November 2012 - 09:19

i want to add a moving image in background

Submitted by jaydip on 3 April 2013 - 01:14