session time out

staffanolin

Is it possible to set timeout to a session
in some way.

I've read the manual, and found nothing about it, so I
would be glad if someone could tell me
how to do it, if possible.

Thanks !

/Staffan

Anon

I think what you want is to change the session.gc_maxlifetime value in your php.ini file.

See the session configuration options at http://www.php.net/manual/ref.session.php for details.

staffanolin

The thing is that it's not my server, so I don't think I can edit the php.ini file..

is it some way I can sett session.gc_maxlife
without editing the php.ini file ?

/Staffan

wimvds

I had the same problem, and tried to solve it using an extra session variable which I set to the current time everytime the script is executed.

I wrote a small php file that is included in every script that needs session support:

<?php

// Session time-out = 30 mins. (1800 secs)
define("SESSION_TIMEOUT", "1800");

session_start();

// If user is logged in, check for time-out
if ($authenticated == 1)
{
if (isset($lastaction) && (($lastaction + SESSION_TIMEOUT) < time()))
{
// Session timed out
$authenticated = 0;
}
}

if (!session_is_registered("authenticated") || $authenticated != 1)
{
session_destroy();
Header("Location: login.php");
exit;
}
else
{
$lastaction = time();
session_register("lastaction");
}
?>

BTW In login.php I set $authenticated to 1 and register it as a session variable, a more restrictive approach should be used for live systems though...

Hope this helps,

Wim Vandersmissen
The Independents