PHP - Destroy session if not any action in 10 minutes

问题

Is there any option to destroy a session if user does not perform any action in 10 minutes?

回答1:

session_start();

// 10 mins in seconds
$inactive = 600; 

$session_life = time() - $_session['timeout'];

if($session_life > $inactive)
{  session_destroy(); header("Location: logoutpage.php");     }

S_session['timeout']=time();

The code above was taken from this particular page.

回答2:

Try setting the session timeout to 10 minutes.

ini_set('session.gc_maxlifetime',10);

回答3:

I've done it with the following code:

//10 min
if( !isset($_SESSION['logout']) ){
      $_SESSION['logout'] = strtotime('+10 minutes', time()); 
    }

    if( time() > $_SESSION['logout'])
    {
      session_destroy();
        header("Location: index.php"); 
    }else{
            $_SESSION['logout'] = strtotime('+10 minutes', time());
        }
    //echo date('Y/m/d h:i:s',$_SESSION['logout']);
    //echo $_SESSION['logout'];

回答4:

i've modified the answer above, and it works fine :

// inactive in seconds
$inactive = 10;
if( !isset($_SESSION['timeout']) )
$_SESSION['timeout'] = time() + $inactive; 

$session_life = time() - $_SESSION['timeout'];

if($session_life > $inactive)
{  session_destroy(); header("Location:index.php");     }

$_SESSION['timeout']=time();

回答5:

Including the following javascript in the page will cause a check for inactivity by calling the function CheckIdleTime() every second. Activity on the page resets _idleSecondsCounter to 0.

<script type="text/javascript">
    var IDLE_TIMEOUT = 10 * 60;  // 10 minutes of inactivity
    var _idleSecondsCounter = 0;
    document.onclick = function() {
        _idleSecondsCounter = 0;
    };
    document.onmousemove = function() {
        _idleSecondsCounter = 0;
    };
    document.onkeypress = function() {
        _idleSecondsCounter = 0;
    };
    window.setInterval(CheckIdleTime, 1000);
    function CheckIdleTime() {
        _idleSecondsCounter++;
        var oPanel = document.getElementById("SecondsUntilExpire");
        if (oPanel)
            oPanel.innerHTML = (IDLE_TIMEOUT - _idleSecondsCounter) + "";
        if (_idleSecondsCounter >= IDLE_TIMEOUT) {
            // destroy the session in logout.php 
            document.location.href = "logout.php";
        }
    }
</script>

回答6:

compare timestamps between two requests, one from the current request, one stored in the session.

来源：https://stackoverflow.com/questions/9049890/php-destroy-session-if-not-any-action-in-10-minutes