How to Have Session Expire 900s After Last Click

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
DMcK
Forum Newbie
Posts: 7
Joined: Tue Nov 02, 2004 4:43 pm

How to Have Session Expire 900s After Last Click

Post by DMcK »

Hello,
I've got a session issue that I can't find any solution for. My sessions are working correctly, but they always expire after 900 seconds. I would like my users' sessions to expire after 900 seconds of inactivity. So, for example, if a user is moving around the "manage my account" area, the session expiry is set 900 seconds from their last click.

I currently have this in my .htaccess file to enable the current 900s expiry:
php_value session.cookie_lifetime "900"

I tried this in my code, but sessions wouldn't work:
ini_set('session.cookie_lifetime',900);
session_start();

Any suggestions?
Thanks,
Doug
rehfeld
Forum Regular
Posts: 741
Joined: Mon Oct 18, 2004 8:14 pm

Post by rehfeld »

i thought thats how you did it....
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

1. create a table in your database
2. on every page load do the following

a. check to see if their sessionid exists
b. if exists update with new timestamp (right now)
c. if does not exist create a row with their sessionid, and current time

3. run a seperate function to check for expired sessions... maybe a chron??

a. if expired delete them
DMcK
Forum Newbie
Posts: 7
Joined: Tue Nov 02, 2004 4:43 pm

Post by DMcK »

Thanks, Phenom. That's a good idea. I'll do that.

rehfeld, an undesired result can occur if I keep the method I am using...if a user logs in, waits a while, then starts changing something in their account, the session could expire while they are making their change and they would have to log back in and re-enter their change(s). That isn't a good thing.

Doug
rehfeld
Forum Regular
Posts: 741
Joined: Mon Oct 18, 2004 8:14 pm

Post by rehfeld »

yes i realize that. in fact just the other day that exact thing happened to me, filling out on application online, took me 45 min, then hit submit to see that beautiful session timed out error message. and thanks to the webmaster that allowed the entire form to clear when i hit the back button too :) lol. i need a new keyboard now :D

but what i meant is i thought the cookie lifetime was updated at every request(a new cookie sent), lord knows why i assumed that, but i did.
DMcK
Forum Newbie
Posts: 7
Joined: Tue Nov 02, 2004 4:43 pm

Post by DMcK »

Ah...I thought it would work that way too. Maybe it is the way my host has set things up. Maybe sessions just work this way. It's on my long To Do list of fixes now.
Doug
Post Reply