PHP - Destroy session if not any action in 10 minutes

php session session-timeout

33,968

Solution 1

session_start();

// 10 mins in seconds
$inactive = 600; 

$session_life = time() - $_SESSION['timeout'];

if($session_life > $inactive) {
   session_destroy();
   header("Location: logoutpage.php");
}

$_SESSION['timeout']=time();

The code above was taken from this particular page.

Solution 2

Try setting the session timeout to 10 minutes.

ini_set('session.gc_maxlifetime',10);

Solution 3

I've done it with the following code:

//10 min
if( !isset($_SESSION['logout']) ){
      $_SESSION['logout'] = strtotime('+10 minutes', time()); 
    }

    if( time() > $_SESSION['logout'])
    {
      session_destroy();
        header("Location: index.php"); 
    }else{
            $_SESSION['logout'] = strtotime('+10 minutes', time());
        }
    //echo date('Y/m/d h:i:s',$_SESSION['logout']);
    //echo $_SESSION['logout'];

Solution 4

i've modified the answer above, and it works fine :

// inactive in seconds
$inactive = 10;
if( !isset($_SESSION['timeout']) )
$_SESSION['timeout'] = time() + $inactive; 

$session_life = time() - $_SESSION['timeout'];

if($session_life > $inactive)
{  session_destroy(); header("Location:index.php");     }

$_SESSION['timeout']=time();

Solution 5

Including the following javascript in the page will cause a check for inactivity by calling the function CheckIdleTime() every second. Activity on the page resets _idleSecondsCounter to 0.

<script type="text/javascript">
    var IDLE_TIMEOUT = 10 * 60;  // 10 minutes of inactivity
    var _idleSecondsCounter = 0;
    document.onclick = function() {
        _idleSecondsCounter = 0;
    };
    document.onmousemove = function() {
        _idleSecondsCounter = 0;
    };
    document.onkeypress = function() {
        _idleSecondsCounter = 0;
    };
    window.setInterval(CheckIdleTime, 1000);
    function CheckIdleTime() {
        _idleSecondsCounter++;
        var oPanel = document.getElementById("SecondsUntilExpire");
        if (oPanel)
            oPanel.innerHTML = (IDLE_TIMEOUT - _idleSecondsCounter) + "";
        if (_idleSecondsCounter >= IDLE_TIMEOUT) {
            // destroy the session in logout.php 
            document.location.href = "logout.php";
        }
    }
</script>

View more solutions

33,968

Author by

Eli_Rozen

Updated on July 09, 2022

Comments

Eli_Rozen almost 2 years

Is there any option to destroy a session if user does not perform any action in 10 minutes?
Frankie over 12 years

it's SO (StackOverflow) style to post the code directly and then link to the source. That way in a couple of years if the source closes your answer is still helpful. But don't forget to link!
André Kool about 6 years

@Frankie Please make sure you edit it correctly next time. You removed part of the link making it point to a completely different thread!
L_J almost 6 years

While this code may answer the question, providing information on how and why it solves the problem improves its long-term value.
Azhar Uddin Sheikh almost 3 years

where should i put this line of code in session.php?