1. Create a file called session_keep.php in the main folder with the following code (you can create a file with any name)
Code: Select all
<?php
$script_name = basename($_SERVER['PHP_SELF']);
$user = getLoggedMemberID();
if($script_name == 'index.php' && (isset($_GET['signIn']) || isset($_GET['loginFailed'])) || $user == "guest"){ // this prevents session out in login page and guest access pages
session_unset();
session_destroy();
}
else {
session_start();
if($_SESSION['session_count'] == 0) {
$_SESSION['session_count'] = 1;
$_SESSION['session_start_time']=time();
} else {
$_SESSION['session_count'] = $_SESSION['session_count'] + 1;
}
$session_timeout = 60; // enter number of seconds here for session to live (in sec) - 60 = 1 minute - 1800/60 = 30 min
$session_duration = time() - $_SESSION['session_start_time'];
if ($session_duration > $session_timeout) {
session_unset();
session_destroy();
session_start();
session_regenerate_id(true);
header("Location: index.php?signIn=1"); // Redirect to Login Page - index.php?signIn=1 - or whatever you wish
$_SESSION['custom_err_msg']= "Your session has expired !!! Please login again"; // Enter the session out prompt you want
} else {
$_SESSION['session_start_time']=time();
}
}
?>
Code: Select all
<?php
include("$currDir/session_keep.php");
?>
You can set the session out time in seconds in $session_timeout
This session out will not work on the login page and guest access pages because they are not used by logged in users
Feel free to comment