From: "pete M" <[EMAIL PROTECTED]> > How do I set the session timeout - eg someone leaves a broweser for say > half an hour then have to log in again.. > > As I'm on an intranet I want to increase ro 3 hours
Exact method: Save the current time on each request in the session. On each request, check that time and if it's over 3 hours, then end the session / force them to log in again. Approx. Method: Look at the session.gc_maxlifetime setting in php.ini. This setting controlls when session files are cleaned up. If the files have not been accessed in "gc_maxlifetime" seconds when the garbage collection is initiated, then the file is deleted. Upon the next request, the session will be empty and the user should be forced to log in again. I say this is approx. because garbage collection is triggered on a random process based upon your requests. So files can run over the "gc_maxlifetime" setting sometimes if the collection isn't triggered. I just rely on this, though... it's close enough for government work. :) ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php