Jump to content

[SOLVED] how to timeout $_SESSION after 5 minutes of idle time


clown[NOR]

Recommended Posts

well... here i go again... When I log in on my website I want to be automaticly logged out if i'm idle more than 5 minutes... I have everything working on my login... so all i need to do is to fix that idle part... anyone have a good idea on how to do that??

the issue here is that i'm not using a DB i'm using a flat file.. but when i think about it... this is only my personal website, and i'm the only one logging in... so if i just make a file and add the time into that... it should count as a logout...or am i wrong?

well... that didn't work... i added the limiters to the top of index.php and just messed around on the site for a couple of seconds... then i left it alone for about 10 minutes... but i was still logged in.. this is what I'm using

 

	
if (isset($_SESSION['login'])) {
	session_cache_limiter('login');
	session_cache_limiter('user');
	session_cache_expire(5);
}

can i use something like this?

 

<?php
if (isset($_SESSION['timestamp'])) {
$ct = date("g:i");
if ($ct < $_SESSION['timestamp']) {
	list($hr,$min)=split(":", $ct);
	$min = $min+5;
	$ts = $hr . ":" . $min;
	$_SESSION['timestamp'] = $ts;
} else {
	unset($_SESSION['timestamp']);
	unset($_SESSION['login']);
	unset($_SESSION['user']);
}
}
elseif (!isset($_SESSION['timestamp'])) {
	$ct = date("g:i");
	list($hr,$min)=split(":", $ct);
	$min = $min+5;
	$ts = $hr . ":" . $min;
	$_SESSION['timestamp'] = $ts;
}
?>

as a side note:

In the php.ini, you can configure the session.gc_maxlifetime setting. This setting controls how long a session may live before the garbage collector kills it because it has expired. Then, in your own script, if you feel the php.ini setting is too short, you can specify your own gc_maxlifetime by using ini_set().

 

so to sum up.. to make sessions short isn't a problem

 

have you tried adding this

 

<?php
ini_set("session.gc_maxlifetime","300") //5*60 = 300 secs

?>

yeah... but the issue is that I use sessions to remember peoples name and url in the shoutbox... so if i kill them every 5 minutes that means that the name and urls in the shoutbox disapears to.. hehe

yeah probably... but the one i wrote (even tho it's much more complicated than what you made) worked=) hehe... but thanks anyway

 

another simple question... do i have my own php.ini file for my domain? cuz I would like to set the time up to a really long time... since now when I had been idle for a while all my sessions was gone ... hehe =) that means, my name and url in the shoutbox was gone to =)

 

what's the highest number I can set that ini_set("session.gc_maxlifetime","300") to?

php.ini files are for the whole server not just for a single domain(as far as i know)

 

session.gc_maxlifetime can be set as high as you like but will have NO AFFECT if its higher than the one set in the php.ini file

 

basically the system will run a trash collection (set by the  php.ini file) you can use session.gc_maxlifetime to tell the system to cleanup sooner but thats for your sessions the one set in the php.ini is global (all domain)

 

i maybe wrong but thats what believe

oh ok... well that sucked...hehe =) oh well... looks like i need to go back to the cookies...hehe... hopefully they like me more now than they did earlier =) i'm conviced that the setcookie() function hates me

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.