
PHP Session timeout

I am creating a session when a user logs in like so:

$_SESSION['id'] = $id; 

How can I specify a timeout on that session of X minutes and then have it perform a function or a page redirect once it has reached X minutes??

EDIT: I forgot to mention that I need the session to timeout due to inactivity.

user342391 asked Jun 18 '10 10:06




2 Answers

First, store the last time the user made a request:

    <?php
    $_SESSION['timeout'] = time();
    ?>

In subsequent requests, check how long ago they made their previous request (10 minutes in this example):

    <?php
    if ($_SESSION['timeout'] + 10 * 60 < time()) {
        // session timed out
    } else {
        // session ok
    }
    ?>
Jacco answered Sep 24 '22 13:09


When the session expires the data is no longer present, so something like

    if (!isset($_SESSION['id'])) {
        header("Location: destination.php");
        exit;
    }

will redirect whenever the session is no longer active.

You can set how long the session cookie is alive using session.cookie_lifetime

ini_set("session.cookie_lifetime","3600"); //an hour 

EDIT: If you are timing sessions out due to a security concern (instead of convenience), use the accepted answer; as the comments below show, this is controlled by the client and thus not secure. I never thought of this as a security measure.

Vinko Vrsalovic answered Sep 23 '22 13:09
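
The inactivity check from the first answer and the redirect from the second, combined into one server-side guard. This is an added example, not code from either answer; the names `IDLE_LIMIT`, `last_activity` and `login.php` are assumptions.

```php
<?php
declare(strict_types=1);

// Added example. IDLE_LIMIT, 'last_activity' and 'login.php' are assumed names.
const IDLE_LIMIT = 10 * 60; // allowed inactivity in seconds (10 minutes)

/** Pure decision: has this session been idle for longer than the limit? */
function is_idle_expired(array $session, int $now, int $limit = IDLE_LIMIT): bool
{
    if (!isset($session['last_activity'])) {
        return false; // first request of this session: nothing to expire yet
    }
    return ($now - (int) $session['last_activity']) > $limit;
}

/** Call at the top of every protected page, before any output is sent. */
function enforce_idle_timeout(string $loginUrl = 'login.php'): void
{
    session_start();
    if (is_idle_expired($_SESSION, time())) {
        $_SESSION = [];                         // drop the data for this request
        if (ini_get('session.use_cookies')) {   // tell the browser to forget the ID
            $p = session_get_cookie_params();
            setcookie(session_name(), '', time() - 42000,
                $p['path'], $p['domain'], $p['secure'], $p['httponly']);
        }
        session_destroy();                      // delete the server-side record
        header('Location: ' . $loginUrl);
        exit;
    }
    $_SESSION['last_activity'] = time();        // sliding window: reset per request
}

// Constructed timestamps exercising the decision from the command line.
if (PHP_SAPI === 'cli') {
    $now = 1700000000;
    foreach ([599, 600, 601] as $idle) {
        $session = ['id' => 7, 'last_activity' => $now - $idle];
        printf("idle %ds -> %s\n", $idle,
            is_idle_expired($session, $now) ? 'expired' : 'ok');
    }
}
```

The decision reads only the timestamp stored on the server, so the browser's cookie lifetime has no influence on when the session ends.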