Session time out when idle not working php

Question

I have written some code to timeout a session;

<?php

session_start();
// set timeout period in seconds
$inactive = 10;
// check to see if $_SESSION['timeout'] is set
if(isset($_SESSION['timeout']) ) {
$SESSION_life = time() - $_SESSION['timeout'];
if($SESSION_life > $inactive)
{ session_destroy(); header("Location: login.php");exit;  }
}
$_SESSION['timeout'] = time();


if (isset($_SESSION['username'])) {

    echo "<center>Welcome </center>"  ; //     echo "<p> </p>";
    echo " <center>". $_SESSION['username']. "</center>" ;
    echo  "<br /><center>".$_SESSION["role"]."<br /></center>" ;

}else{

    header("location:login.php");

}

However, the session does not timeout if it's idle for 10 seconds.

If you modified the code - change the question correspondingly. — zerkms, Feb 08 '15 at 20:39

score 2 · Accepted Answer · answered Feb 08 '15 at 20:26

2

Looks like your almost there. I would try this:

<?php

session_start();

$inactive_time = 10;

if(isset($_SESSION['last_active_time'])){

   $time_since_last_active = time() - $_SESSION['last_active_time'];

   if($time_since_last_active >= $inactive_time){
      // The user has been inactive for too long
      session_destroy();
      header('Location: login.php');
      exit;
   }else{
      // Set the last active tim
      $_SESSION['last_active_time'] = time();
   }

}else{
    $_SESSION['last_active_time'] = time();
}

answered Feb 08 '15 at 20:26

ajtrichards

29,723
13
94
101

Works fine for me - are you waiting the 10 seconds? – ajtrichards Feb 08 '15 at 20:39
yep i did wait. i even changed the $inactive_time to 3sec and still it did not redirect to the login.php – fdfdfd Feb 08 '15 at 20:41
So what is the `$time_since_last_active` value? Have you not checked it? – zerkms Feb 08 '15 at 20:41
Uhm, `echo` or `var_dump()`? You don't know how output the values? – zerkms Feb 08 '15 at 20:44
echo-ed but it didnt output anything though – fdfdfd Feb 08 '15 at 20:47
`var_dump()`? I've suggested it with purpose – zerkms Feb 08 '15 at 20:52
ive done 'echo var_dump($time_since_last_active);' still nothing came out – fdfdfd Feb 08 '15 at 20:56
`var_dump` **ALWAYS** outputs something. If it didn't - you did not run it. And please check the documentation on it, `echo var_dump();` is so silly. – zerkms Feb 08 '15 at 20:57
Are you able to save any data in a session? Also, add to your script: `error_reporting(E_ALL); ini_set('display_errors', 'on');` That should help you – ajtrichards Feb 08 '15 at 21:01

Session time out when idle not working php

1 Answers1