In following php script, we explain you that how you can expire session after 30 minutes. Execution a session timeout on your own is that the best answer. Use a straightforward time stamp that denotes the time of the last activity and update it with each request.
CODE USAGE
<?php
/*
Online PHP Examples with Source Code
website: http://4evertutorials.blogspot.in/
*/
if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 1800))
{
/* last request was more than 30 minutes ago */
// unset $_SESSION variable for the run-time
session_unset();
// destroy session data in storage
session_destroy();
}
// update last activity time stamp
$_SESSION['LAST_ACTIVITY'] = time();
// You can also use an additional time stamp to regenerate the session ID periodically to avoid attacks on sessions like session fixation:
if (!isset($_SESSION['CREATED']))
{
$_SESSION['CREATED'] = time();
}
else if (time() - $_SESSION['CREATED'] > 1800)
{
/* session started more than 30 minutes ago */
// change session ID for the current session an invalidate old session ID
session_regenerate_id(true);
// update creation time
$_SESSION['CREATED'] = time();
}
?>
0 comments:
Post a Comment