PHP: Session Timeouts
November 26th, 2009 | 
Defining session timeout thresholds for PHP scripts is a security “must”. I recommend that you consider the purpose of your script before applying a session timeout function. For instance, if your site has a secure login and security requirements, it’s important to include the timeout function. However, it’s often an inconvenience to end-users.
Use the code below to create a function which can be used to implement a secure timeout threshold.
/* Set timeout threshold to 10 minutes (600 seconds) */ @session_start(); $timeout = 600; $_SESSION["expires_by"] = time() + $timeout;
