You could also keep login info in your database with something like the DTS of the time they authenticate, the IP address they're using, and their PHP session id. Then, for each page displayed, query that table to see if they have had a valid login within the last 3 hours. If not, make them log in again. HTH!
--- In [email protected], "Mike" <[EMAIL PROTECTED]> wrote: > > Pete, > > I'm not sure this is the problem, but the value of session.cache_expire is > only valid if session.cache_limiter is set to something other than nocache - > nocache is the default. > > From http://us3.php.net/manual/en/ref.session.php > > session.cache_limiter specifies cache control method to use for session > pages (none/nocache/private/private_no_expire/public). Defaults to nocache. > > session.cache_expire specifies time-to-live for cached session pages in > minutes, this has no effect for nocache limiter. Defaults to 180. > > regards, > Mike > > ----- Original Message ----- > From: Pete > To: [email protected] > Sent: Thursday, January 11, 2007 3:00 AM > Subject: [php_mysql] Session Timeout > > > > I have a client who wants to increase the SESSION time-out. He says > that clients who are inactive for 30+ minutes are logged out, but he > wants this to stay active for up to 3 hours. > > Client data is held in sessions, so I assume that the session times out, > but looking at phpinfo(), session.cache_expire is set to 180. Doesn't > that mean that sessions expire after 180 minutes (3 hours?) > > -- > Pete Clark >
