PHP SESSIONS

[mattyvx]

Hi,

 

I've create a script where users can log into my site and then edit their details, the updated details are then stored to my database.

 

The users sessions are opened so the user can update their profile information and then log out. This time should be no longer than 2 hours.

 

Currently im opening the session with

 

session_start();
if((!isset($_SESSION['Email'])) || (!isset($_SESSION['Password']))){
header("location:login.php");
exit;
}

 

The questions are;

 

1) Should i set a path for these sessions to be stored?

2) How can I set an expirey time on these sessions i.e. 2 hours max

 

Thanks in advance

 

 

[Garethp]

1) No

2) When you login, set $_SESSION['Logintime'] = time();

Then at the top of every page, under session_start();

 

if(isset($_SESSION['Logintime']) && ($_SESSION['Logintime'] - time()) > 7200)
{
//Logout
}

[mattyvx]

great, I take the time variable (7200) is in seconds...

 

So if i implement this,

 

with

 

session_destroy();

 

in the "//logout " part of the script will this remove the session completely?

 

I don't want a build up of unused and uneeded session files on my server.

[Garethp]

Pretty much, yeah. But Sessions are automatically destroyed if they go unused for a certain period of time, or if a person closes their browser

[mattyvx]

thanks for your help,

 

oh and 10/10 for the new look site..... any ideas how to mark as topic solved? Its moved!!!

 

[Garethp]

When they upgraded, they lost the topic solved mod, and it's yet to be reimplemented

[mattyvx]

open forever muhahah!

 

Well when it comes back. This topic is SOLVEDSVILLE!