0

I have logout page when i click on logout or close the tab, session gets destroy. I want if user forgot to click on logout and if user visit the site after 4-5 days still the session should continue.

I have following logout script:

<?php
session_start();
session_regenerate_id(true);
unset($_SESSION['uid']);
unset($_SESSION['uname']);

session_destroy();

header("location:http://shopeeon.com/");
?>
Rashmi Sonke
  • 43
  • 1
  • 10
  • for more sure you can also add $_SESSION = []; –  Feb 10 '16 at 09:52
  • sessions are destroyed as per `session.gc_maxlifetime` and `session.cookie_lifetime` as well as maybe a few others within php.ini or `ini_set`. [you can read some of the comments on this question](http://stackoverflow.com/questions/25485077/is-it-possible-to-set-unlimited-session-timeout-in-php) – Bob Nocraz Feb 10 '16 at 10:01

3 Answers3

0

You need to change value of your session timeout in PHP configuration file. Don't forget to restart Apache. See this answer .

Community
  • 1
  • 1
olegsv
  • 1,422
  • 1
  • 14
  • 21
0

If you want your user to be logged back in after closing a browser (and the session dying), then you need to use a cookie to identify the user securely.

Search on here for some similar questions; examples

Community
  • 1
  • 1
Egg
  • 1,782
  • 1
  • 12
  • 28
0

I have used this htaccess in root :

<IfModule mod_php5.c>
    #Session timeout
    php_value session.cookie_lifetime 31536000
    php_value session.gc_maxlifetime 31536000
</IfModule>
Faiyaz Alam
  • 1,191
  • 9
  • 27
  • do i have to make this changes in php.ini file – Rashmi Sonke Feb 10 '16 at 11:40
  • @RashmiSonke. If you use .htaccess file in root folder with above code then you do not need to modify php.ini file. – Faiyaz Alam Feb 10 '16 at 11:44
  • i m on shared host and .htaccess file is not editable – Rashmi Sonke Feb 10 '16 at 12:18
  • @RashmiSonke. ok. now you have to modify php.ini file. If you do not have access to this file, create a new file inside root folder 'php.ini' and paste this code session.gc_maxlifetime = 48000 session.cookie_lifetime = 48000 – Faiyaz Alam Feb 10 '16 at 12:48
  • If the user revisits the site after 4/5 days, the session will have been destroyed. I do not see this solution working for a revisit; therefore you need the help of cookies as per my answer. – Egg Feb 12 '16 at 09:27