Hello,

I went to PHP.net and copied the following code and put it before my session_start() tag and I let it set for more than 1 minute...when I came back, my session was not destroyed......

<?
/* set the cache limiter to 'private' */

session_cache_limiter('private');
$cache_limiter = session_cache_limiter();

/* set the cache expire to 30 minutes */
/* I changed it to 1 minute for my test */
session_cache_expire(1);
$cache_expire = session_cache_expire();

session_start();
?>

My site uses sessions to manage whether or not a user is logged in:

<?
session_start();
if ( empty( $FirstName ) ) {
} else { include 'db-login.php';
//db-login.php is database information
// rest of site below
?>

this will display a blank page if you don't log-in before coming to a page. the $FirstName variable is a session created during log-in validation.

so, in theory, when I added the session expire if I went to a page the sessions should be non existant thus displaying a blank page.......right? or did I mis-understand the purpose of session_expire. When I clicked a link in my navagational bar a few minutes later it did not display a blank page, it displayed the page in it's entirety which meant that the session was still valid.

What I'm trying to do is make the user automatically logged out after x amount of minutes. If I'm going about this the wrong way could someone point me in the right direction? I know I could use meta refresh, but I would like to avoid that. Also, if I could display an alert telling the user why they have been logged off that would be helpfull.

Can anyone help me figure this out?

Thanks,