PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
since you're duplicating values, why not just see when the last communication from that session was? If over an hour, toss it. You can perform a quick check when loading a page against other sessions too (if you are using a database session system)
to determine when your browser will expire the cookie, you'll need to see what headers are sent.
As for checking if it's been an hour since last communication: you can use a table to store the session_id and last time they were seen, or you can store that timestamp in their session variables, etc..
I prefer to use database sessions myself. (If you want some examples of one way to set them up, look in the useful posts thread.)
becuase, in my shopping cart, after a hour the user still has the same items in cart etc. i thought after a hour they would get a new session id (no items in cart)
it's up to the browser to actually delete the cookie. If you keep updating it, it'll stay alive. If you check the actual headers that are sent to your browser, you'll see a specific date and time string of when the cookie should expire. If your server doesn't send certain other headers, such as the current time on the server, the browser will likely use the current time of the machine to determine how long the cookie actually lives.. which, if the server is already several hours ahead of you, means it will takes hours to delete.