0

In certain circumstances the time before a client's session will expire needs to be adjusted; the adjustment to the period of time required for the session to timeout must be applied during the session. I have tried the following without success:

ini_set('session.gc_maxlifetime', 3);
session_set_cookie_params(3);

After waiting several seconds the session is clearly not expiring. I'm only attempting to test a short timeout as I'm not interested in ending a session immediately.

How do I adjust the session to timeout at a different period of time without destroying the current session?

Test Case One: a client often leaves his computer for an hour to attend a meeting and returns to finish adding content to find out that the session expired and his work has been lost. However he insists that he authenticate every morning.

Test Case Two: a second user insists that if their computer is idle for longer than two minutes that they be signed out.

John
  • 1
  • 13
  • 98
  • 177
  • Why not store it in a database with a boolean flag and check to see if they're logged in and using a logout method for them to click and end the session? – Funk Forty Niner Dec 23 '18 at 20:22
  • @FunkFortyNiner Database queries are *relatively* expensive. Plus I wouldn't learn anything new if I didn't try to expand my understanding of the programming language. – John Dec 23 '18 at 20:23
  • you won't learn anything worth learning doing it incorrectly, @FunkFortyNiner suggested the correct way to do it. If you insist, the default session is stored as cookie information and it's not the most secure place. In any case, you may store the user session expiration time in `$_SESSION` and update it on each request. https://stackoverflow.com/questions/520237/how-do-i-expire-a-php-session-after-30-minutes this question has all the necessary information. – Sergey Telshevsky Dec 23 '18 at 22:23
  • maybe this will assist you https://stackoverflow.com/questions/8311320/how-to-change-the-session-timeout-in-php – A. Meshu Dec 23 '18 at 22:24

0 Answers0