0

Other examples have not worked for me, curious how to go about making a session expire after 30 min. I have this code on a landing page that sets the session, so after filling out a form you go to the download page. The purpose of the session (and I know its not 100% secure) is to prevent people from going directly to the download page. The $_REQUEST stuff is just for tracking, we don't want people on these pages that didn't come from specifically formed landing page url's. I would like to make this session expiere after 30 min so a user could not keep going back to the download page bypassing the sign up page.

<?php
    session_start();
    $_SESSION["loggedIn"] = 'Y';
    //the below is for google analytics tracking purposes, please ignore.
    if (isset($_REQUEST['utm_source']) && (!empty($_REQUEST['utm_source']))) {
?>
<!DOCTYPE html>
     <head></head>
     <body>
         //all page code here
      </body>
 </html>
 <?php
     } else {

     header( 'Location: http://www.anothersite.com' ) ;

    }
  ?>
Dirty Bird Design
  • 5,333
  • 13
  • 64
  • 121
  • 1
    possible duplicate of [PHP Session timeout](http://stackoverflow.com/questions/3068744/php-session-timeout) – Pitchinnate Oct 04 '13 at 21:08
  • By default a `session` will expire after 1440 seconds, as in 24 minutes. Did you search SO or google for any solutions? – dbf Oct 04 '13 at 21:10
  • 1
    @dbf, I'm pretty sure that's a server setting, so you can't count on it being that. There's a good rundown on how to set session expiration [here](http://stackoverflow.com/questions/520237/how-do-i-expire-a-php-session-after-30-minutes/1270960#1270960). – EmmyS Oct 04 '13 at 21:13
  • @EmmyS that's where the `By default` stands for ;) I could use all these lines to tell how to expire a `session` but I don't see any research/tried by the OP of any kind – dbf Oct 04 '13 at 21:15
  • @dbf not our server. thanks though. – Dirty Bird Design Oct 06 '13 at 23:40

1 Answers1

1

Its better to use cookie and set expire time as (time()+(30*60)) or you can use session such as:

//set session to now + 30 minute
$_SESSION['expire'] = time()+(30*60);

//check 
if($_SESSION['expire'] <= time()){
 //destroy session
}

But there is one fact, session will be terminated automatically when user closes the browser window.

Jason OOO
  • 3,567
  • 2
  • 25
  • 31