A strict PHP session timeout setting method _ PHP Tutorial

A strict PHPSession session timeout setting method. Recently, a PHP project used the function of limiting the logon time. for example, if a user logs on to the system 60 minutes later, the system automatically exits if no operation is performed, I searched for the network and collected the following methods for reference to the function of limiting the logon time for a recent PHP project. for example, if a user logs on to the system 60 minutes later, the system automatically exits if no operation is performed, I searched for the network and collected the following methods for reference.

The first method is to set the php. ini configuration file and set the attribute values of the session. gc_maxlifetime and session. cookie_lifetime nodes. of course, you can also use the ini_set function to change the attribute values of the current context:

The code is as follows:

Ini_set ('session. gc_maxlifetime', "3600"); // second
Ini_set ("session. cookie_lifetime", "3600"); // second

The second method is to set the Session timestamp, for example, the following method.

When the logon succeeds, set the timestamp to 1 hour after the current time, $ _ SESSION ['expiretime'] = time () + 3600 ;. Use the following code to check user logon:

The code is as follows:

If (isset ($ _ SESSION ['expiretime']) {
If ($ _ SESSION ['expiretime'] <time ()){
Unset ($ _ SESSION ['expiretime']);
Header ('Location: logout. php? Timeout'); // logout
Exit (0 );
} Else {
$ _ SESSION ['expiretime'] = time () + 3600; // refresh the timestamp
}
}

According to laruence's article "How to set a strictly 30-minute overdue Session", we can combine the first and second methods to determine the Session timeout time.

...