Session Variable - when do they time out

Anon

I have written a php applicant that is for key puncher. I save some of the data after they add it the first time in a session variable array. I works great but my problem is the session variable array does not time out if the go to another site and then they come back to the site. The session variable array is still there.

Thanks you for your help.

Ron

Anon

Well yeh thats how sessions work, they're designed that way so that an unknowing user doesn't accedently log themselves out by pressing the wrong button.

What you can do is lower the session time out value in php.ini, or you could check the value of the server variable HTTP_REFERER and if the page wasn't linked to by an internal page then you can have the script ask for the login credentials again.

FYI the best way to get this value is using the $GLOBALS array as such:

$GLOBALS["HTTP_REFERER"]

Anon

Session variables expire when the browser is closed.

/Mike