PHP Session timeout

Question

I am creating a session when a user logs in like so:

$_SESSION['id'] = $id; 

How can I specify a timeout on that session of X minutes and then have it perform a function or a page redirect once it has reached X minutes??

EDIT: I forgot to mention that I need the session to timeout due to inactivity.

Answer 1

first, store the last time the user made a request

<?php   $_SESSION['timeout'] = time(); ?> 

in subsequent request, check how long ago they made their previous request (10 minutes in this example)

<?php   if ($_SESSION['timeout'] + 10 * 60 < time()) {      // session timed out   } else {      // session ok   } ?> 

Answer 2

When the session expires the data is no longer present, so something like

if (!isset($_SESSION['id'])) {     header("Location: destination.php");     exit; } 

will redirect whenever the session is no longer active.

You can set how long the session cookie is alive using session.cookie_lifetime

ini_set("session.cookie_lifetime","3600"); //an hour 

EDIT: If you are timing sessions out due to security concern (instead of convenience,) use the accepted answer, as the comments below show, this is controlled by the client and thus not secure. I never thought of this as a security measure.