w3resource

Set PHP session timeout: 30 minutes of inactivity

11. Session Timeout After 30 Minutes

Write a PHP script to set a session timeout after 30 minutes of inactivity.

Sample Solution:

PHP Code :

<?php
session_save_path('i:/custom/');
session_start();

// Set the session timeout duration in seconds
$sessionTimeout = 1800; // 30 minutes

// Check if the session has already been started and calculate the time since the last activity
if (isset($_SESSION['LAST_ACTIVITY'])) {
    $lastActivity = $_SESSION['LAST_ACTIVITY'];
    $currentTime = time();
    $timeSinceLastActivity = $currentTime - $lastActivity;

    // Check if the session has exceeded the timeout duration
    if ($timeSinceLastActivity > $sessionTimeout) {
        // Session expired, destroy the session
        session_unset();
        session_destroy();
        echo "Session expired. Please log in again.";
    } else {
        // Update the last activity time
        $_SESSION['LAST_ACTIVITY'] = $currentTime;
        echo "Session active.";
    }
} else {
    // Set the last activity time for the session
    $_SESSION['LAST_ACTIVITY'] = time();
    echo "Session started.";
}
?>

Sample Output:

Session started.

After few seconds 
Session active.

Explanation:

In the above exercise -

  • Start the session using session_start() to initialize the session.
  • Define the session timeout duration in seconds. In this case, it's set to 1800 seconds (30 minutes).
  • Check if the session has already been started by verifying if the LAST_ACTIVITY session variable is set. If it is set, it means the session is active, and we check the time since the last activity.
  • Inside the if block, we calculate the time since the last activity by subtracting the stored LAST_ACTIVITY value from the current time using time(). This gives us the variable $timeSinceLastActivity.
  • We then compare $timeSinceLastActivity with the session timeout duration. If it exceeds the timeout, we destroy the session using session_unset() and session_destroy(), and display the message "Session expired. Please log in again."
  • If the session is still active (within the timeout duration), we update the LAST_ACTIVITY session variable to the current time and display the message "Session active."
  • If the session has not been started yet, we set the LAST_ACTIVITY session variable to the current time using time() and display the message "Session started."

Flowchart:

Flowchart: Set PHP session timeout: 30 minutes of inactivity.

For more Practice: Solve these Related Problems:

  • Write a PHP script to implement a session timeout by checking the last activity time and destroying the session after 30 minutes of inactivity.
  • Write a PHP function that stores the current time in a session variable and logs the user out if 30 minutes have passed.
  • Write a PHP program to create a session timeout mechanism that resets the timer on each user action.
  • Write a PHP script to compare the current timestamp with a session variable and end the session when the timeout threshold is exceeded.

Go to:


PREV : Retrieve Session User Preferences.
NEXT : Display Number of Active Sessions.

PHP Code Editor:



Contribute your code and comments through Disqus.

What is the difficulty level of this exercise?

Test your Programming skills with w3resource's quiz.



Follow us on Facebook and Twitter for latest update.