start a session in php, destroy a session in php, php sessions, add session time in php, How to increase session timeout in PHP

How to increase session timeout in PHP

You might sometimes wonder why when you log in to a certain website and you inactively perform any task after logging in and then you try to navigate to a particular section in the website you are directed to the login page and yet you had logged in some few minutes ago.

The redirection back to the login page is because of session timeout and varies from one website to another.

A session is that uniqueness that identifies you as the same person throughout the website and allows you to access the content of specific web pages. Sessions are used in web applications to check whether the user is active or not therefore the reason you see you are required to log in after a certain period of inactiveness

The good thing with sessions is that as long as you are active or navigating on a website throughout, the session will not timeout or expire meaning it can last to infinity.

In this article, we shall cover how to start a session in PHP, how to destroy a session in PHP, how to increase session timeout in PHP, and also the variables that are involved while working with sessions in PHP

How to start a session in PHP

Like we have said above, sessions do not automatically appear, they are created and assigned a unique value or id to identify the user who is active. The reason why they are assigned unique id’s is to avoid conflict and confusion whenever there is more than one user who is active in the same web application at the same time.

While starting a session in PHP, we use the start session function as shown below




The session start function starts a new session or continues with the already existing one if you visit a new page from a page that had a session defined

The session start function creates a unique id for the user who is currently in the web

How to assign variables to a session

We do assign variables to a session so that we can uniquely match with the records that we have in the website application. For example, during login we usually need to identify which user specifically has been granted access and we use the username the user has entered and assign it to the session so that when we want to fetch the records of the user, we can relate easily

We use the $_SESSION['name_of_the_session'] and assign the variable as follows




//a real example

$_SESSION['SESSION1']= 'solutionspace'


How to destroy a session in PHP

This happens when you want to logout from an application whereby you tell the system to unlink you from the list of current sessions

To do this, you must define the session that you want to destroy or unset

First, you call the unset function with the session that is active and then follow it with the session destroy function, and then you can decide to redirect the user to another page, for example, the login page to give way for another user to log in

To destroy a session code is as shown






How to increase session timeout in PHP

This is done mostly to increase the inactive time for a user before redirecting the user back to the login page

Lets use an example of adding the session time with 20 minutes



$_SESSION['auth'] = true;  // allow session authentication by setting it to true

$_SESSION['start'] = time(); // the current start time of the session

$_SESSION['expire'] = $_SESSION['start'] + (20 * 60); // setting the expiry time to current time added 20 minutes


To determine whether the session of the user has expired we check whether the current time is greater than the session expire time value. If it is, we destroy the session, else we continue maintaining the current session



$_SESSION['auth'] = true;  

$_SESSION['start'] = time();

$_SESSION['expire'] = $_SESSION['start'] + (20 * 60);

$currenttime= time();


Unset and destroy session


Session to continue



That is how we work with sessions in PHP, how you have learned. Let us know if you need more elaborations.