Right now when a user clicks the logout button it calls my logout function which does this

//Logout
function logout()
{
		//logout if they are currently logged in
		$_SESSION = array();
		session_destroy();
		setcookie(session_name(),'',time()-300);
		header("Location: login.php");
		exit();
}

However, in addition to this I would like to set it up to also destroy the session and log out after a period of inactivity, probably 15 minutes or so. Just trying to determine the best method of handling this?

Thank you!

    ini_set("session.gc_maxlifetime", "60");

    that's 1 minute,

    easier to do in php.ini if you can.

      dagon;10927839 wrote:
      ini_set("session.gc_maxlifetime", "60");

      that's 1 minute,

      easier to do in php.ini if you can.

      However, that's also dependent upon the [man]session.gc_probability[/man] and [man]session.gc_divisor[/man] settings. Generally the main setting to control how long a session lasts is to set a non-zero number of seconds for the [man]session.cookie_lifetime[/man] value (or via the [man]session_set_cookie_params/man function, but then it must be done in every file before the session_start().)

        Write a Reply...