Code: Select all
<?php
//Start session
session_start();
//Check whether the session variable id is present or not
if(!isset($_SESSION['id']) || (trim($_SESSION['id']) == '')) {
header("location: access_denied.php");
exit();
}
?>
Code: Select all
<?php
//address error handling
ini_set ('display_errors', 1);
error_reporting (E_ALL & ~E_NOTICE);
//Get the current page url to pass on to the session expired page.
$url=urlencode("http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 900)) {
// last request was more than 15 minates ago
session_destroy(); // destroy session data in storage
session_unset(); // unset $_SESSION variable for the runtime
header("location: session_expired.php?url=$url");
}
$_SESSION['LAST_ACTIVITY'] = time(); // update last activity time stamp
?>
What do I need to do to keep the session permanently active until either the 15 minutes is reached or I manually sign out ? Often times the page upon refreshing, gets redirected to the access_denied.php which clearly indicates that my session id is not lingering on and gets destroyed prematurely. What do I do??