What is the purpose of automatically logging out a user after a certain period of time in PHP?

Automatically logging out a user after a certain period of time helps to enhance security by reducing the risk of unauthorized access to the user's account if they leave their device unattended. This practice also helps to free up server resources by closing inactive sessions.

// Set the session timeout period to 30 minutes
ini_set(&#039;session.gc_maxlifetime&#039;, 1800);
session_start();

// Check if the user is logged in
if(isset($_SESSION[&#039;user_id&#039;])) {
    // Check if the last activity time is expired
    if(isset($_SESSION[&#039;last_activity&#039;]) &amp;&amp; (time() - $_SESSION[&#039;last_activity&#039;] &gt; 1800)) {
        // Log the user out and redirect to the login page
        session_unset();
        session_destroy();
        header(&quot;Location: login.php&quot;);
        exit;
    }

    // Update the last activity time
    $_SESSION[&#039;last_activity&#039;] = time();
}

Keywords

session management session timeout user authentication security PHP programming

What is the purpose of automatically logging out a user after a certain period of time in PHP?

Keywords

Related Questions