Is this a viable session expire?

Question

Basically what I wanted was to create a session with an expire time of 24 hours. And I wrote this:

session_start();
if (!isset($_SESSION['TIME_START']) || $_SESSION['TIME_START'] < time()) {
        $_SESSION['TIME_START'] = time();
} else if ($_SESSION['TIME_START'] > 60 * 60 * 24) {
    session_destroy();
}

I would like to know if this is a valid, viable or good practice to do it. Thanks!

A session _uses_ a cookie. Look at [session_set_cookie_params](http://php.net/session_set_cookie_params). — Spooky, Mar 14 '15 at 05:00

score 0 · Accepted Answer · answered Feb 18 '15 at 06:08

0

1 - A session lifetime, is set by default by the server side. Check session.gc_maxlifetime parameter in php.ini

2 - As Rakesh Sharma said, maybe better to use Cookies

3 - if (!isset($_SESSION['TIME_START']) || $_SESSION['TIME_START'] < time()) { in this case, you will reset your $_SESSION['TIME_START'] each time the user go through this function under the 24 hours requested in your needs. Is that wanted ?

answered Feb 18 '15 at 06:08

zeflex

1,487
1
14
29

Yes, I want the session to reset every time they go through this function, sorry if this was a stupid question I've only been into PHP for 5 days. – McQueso Feb 18 '15 at 06:20
@McQueso can you explain what are your requirements exactly ? – zeflex Feb 18 '15 at 06:21
Is for a login session, to see for how much time they've been logged in, each day they would have to log in again – McQueso Feb 18 '15 at 06:23
In this case, use cookies it's better than using Sessions for your requirements. – zeflex Feb 19 '15 at 03:53

Is this a viable session expire?

1 Answers1