Idle timeout in Apache/php

Hi experts,
How should i implement the idle timeout functionality in my php pages. I want to set a centralized idle timeout setting. Instead of setting it in all php pages, is there any way i can do it in a centralized manner. The php pages are deployed in apache server.
I want the idle time out to be set as 30min.

Thanks
sandhya01Asked:
Who is Participating?
 
Ray PaseurCommented:
Here is how to handle the logout portion of the process.

HTH, ~Ray
<?php // RAY_logout.php
error_reporting(E_ALL);
 
define('COOKIE_LIFE', 60*60*24); // A 24-HOUR DAY IN SECONDS ( = 86,400 )
$cookie_expires	= time() - date('Z') - COOKIE_LIFE;
 
// CLEAR THE INFORMATION FROM THE $_SESSION ARRAY
$_SESSION = array();
 
// IF THE SESSION IS KEPT IN COOKIE, FORCE SESSION COOKIE TO EXPIRE
if (isset($_COOKIE[session_name()]))
{
   setcookie(session_name(), '', $cookie_expires, '/');
}
 
// TELL PHP TO ELIMINATE THE SESSION
session_destroy();
 
// CLEAR ALL COOKIES WITH THIS CODE
foreach ($_COOKIE as $key => $value)
{
   setcookie($key, '', $cookie_expires, '/');
}
 
// OPTIONAL BUT MAYBE A GOOD IDEA - REDIRECT TO THE HOME PAGE
header("Location: /");
exit;
?>

Open in new window

0
 
Ray PaseurCommented:
What do you want to make happen after the 30 minutes?
0
 
sandhya01Author Commented:
I want it to get redirected to my logout.php page.

Is there something that can be done in .htaccess or php.ini file, as i am interested in providing a centralized idle time out setting.
0
Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

 
Ray PaseurCommented:
Makes sense.  How about this for a 30-minute timeout?  I have not tested it, so beware of my ever-present typos.  The theory is sound. ;-)

A usual component of a "logout" is to eliminate the client's session.  In a moment I will post an example script for that purpose.
<?php 
// CHANGE THE SESSION TIMEOUT VALUE
// 60*60 * 8 = 8 HOURS
// STORE THIS VALUE IN A VARIABLE SO IT IS EASY TO CHANGE AND TEST
$my_timeout_value = 60*30; // 30 MINUTES
 
// SET THE LIFETIME IN THE SCRIPT (OR USE PHP.INI)
ini_set('session.gc_maxlifetime', $my_timeout_value);
 
// MAKE THE SESSION COOKIE AVAILABLE TO ALL SUBDOMAINS
// OUR GOAL IS A DOMAIN NAME THAT STARTS WITH DOT AND OMITS WWW OR OTHER SUBDOMAINS.
// BREAK THE HOST NAME APART AT THE DOTS
$x = explode('.', strtolower($_SERVER["HTTP_HOST"]));
if (!is_array($x)) // MAYBE 'localhost'?
{
   $host = $x;
} else // SOMETHING LIKE 'www2.atf70.whitehouse.com'?
{
// USE THE LAST TWO POSITIONS TO MAKE THE HOST DOMAIN
   $y    = count($x);
   $host = '.' . $x[$y-2] . '.' . $x[$y-1];
}
 
// START THE SESSION AND SET THE COOKIE FOR ALL SUBDOMAINS
$sess_name = session_name();
if (session_start())
{
   setcookie($sess_name, session_id(), NULL, '/', $host, FALSE, TRUE);
}
 
// OTHER THINGS MAY GO HERE, AND... 
// WHEN WE WRITE THE HTML WE INCLUDE THIS INSTRUCTION TO THE BROWSER
echo "\n<meta http-equiv=\"refresh\" content=\"$my_timeout_value;url=/logout.php\" />\n";

Open in new window

0
 
sandhya01Author Commented:
Hi
I have created a logout.php page seperately, that handles all my session related variables and cookies.
so by including this in all the page:

$logout_url = 'http://'.$_SERVER['HTTP_HOST'].'/logout.php';
header( "refresh: 1800; url=$logout_url");

I am able to provide the idle time out feature in my php pages.

What you all think of the above code, is it fine to do like this/

Thanks

0
 
Ray PaseurCommented:
I think that would work.  It does the same thing as the <meta> tag - tells the browser to start a clock and where to go when the clock expires.

Either way, meta or header, the refresh IS GOING TO OCCUR when the clock expires, even if the cleint is still typing.  

Best regard, ~Ray
0
 
sandhya01Author Commented:
The answer were good but I had a better solultion to the questions, which even was accepted by the Experts. Even though, I express thanks to everyone who tried to help me.

Thanks
0
 
Ray PaseurCommented:
sandhya01: For the benefit of others, would you please post your solution?  Thanks. ~Ray
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.