Hello,
I've got a session issue that I can't find any solution for. My sessions are working correctly, but they always expire after 900 seconds. I would like my users' sessions to expire after 900 seconds of inactivity. So, for example, if a user is moving around the "manage my account" area, the session expiry is set 900 seconds from their last click.
I currently have this in my .htaccess file to enable the current 900s expiry:
php_value session.cookie_lifetime "900"
I tried this in my code, but sessions wouldn't work:
ini_set('session.cookie_lifetime',900);
session_start();
Any suggestions?
Thanks,
Doug
How to Have Session Expire 900s After Last Click
Moderator: General Moderators
- John Cartwright
- Site Admin
- Posts: 11470
- Joined: Tue Dec 23, 2003 2:10 am
- Location: Toronto
- Contact:
1. create a table in your database
2. on every page load do the following
a. check to see if their sessionid exists
b. if exists update with new timestamp (right now)
c. if does not exist create a row with their sessionid, and current time
3. run a seperate function to check for expired sessions... maybe a chron??
a. if expired delete them
2. on every page load do the following
a. check to see if their sessionid exists
b. if exists update with new timestamp (right now)
c. if does not exist create a row with their sessionid, and current time
3. run a seperate function to check for expired sessions... maybe a chron??
a. if expired delete them
Thanks, Phenom. That's a good idea. I'll do that.
rehfeld, an undesired result can occur if I keep the method I am using...if a user logs in, waits a while, then starts changing something in their account, the session could expire while they are making their change and they would have to log back in and re-enter their change(s). That isn't a good thing.
Doug
rehfeld, an undesired result can occur if I keep the method I am using...if a user logs in, waits a while, then starts changing something in their account, the session could expire while they are making their change and they would have to log back in and re-enter their change(s). That isn't a good thing.
Doug
yes i realize that. in fact just the other day that exact thing happened to me, filling out on application online, took me 45 min, then hit submit to see that beautiful session timed out error message. and thanks to the webmaster that allowed the entire form to clear when i hit the back button too
lol. i need a new keyboard now 
but what i meant is i thought the cookie lifetime was updated at every request(a new cookie sent), lord knows why i assumed that, but i did.
but what i meant is i thought the cookie lifetime was updated at every request(a new cookie sent), lord knows why i assumed that, but i did.