Home/ Questions/Q 7722347
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-01T04:08:53+00:00

I am using PHP to settle the session timeout…I found a few solutions so

  • 0

I am using PHP to settle the session timeout…I found a few solutions so i picked the one i understand the most which was:

    $now = time(); // checking the time now when home page starts

    if($now > $_SESSION['expire'])
    {
    session_destroy();
    echo "Your session has expire ! <a href='login.php'>Login Here</a>";
    };

I also added this in my login processor page

$_SESSION['start'] = time(); // taking now logged in time
$_SESSION['expire'] = $_SESSION['start'] + (30 * 60) ; // ending a session in 30 minutes from the starting time

from How do I expire a PHP session after 30 minutes?

The result was that the message Your session has expire ! <a href='login.php'>Login Here</a> did appear but the page was still in the homepage instead of going back to the login page…I was wondering if by adding header ('Location:login.php'); below the echo line will bring it back to the login page…

How do i change the echo message to pop up message instead together with bring the page back to login.php?

Thanks…I know there are answers online but I want to know where is my mistake so i can learn something here…Teaching and guidance is really appreciated

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You can not echo something and at the same time redirecting to the homepage with a header() call. The header call requires that you DON’T echo anything. Also, popups need you to use some sort of client-side scripting (ECMAScript/JavaScript). Try to output this code on logout instead of your message:

    <script>
alert('Your session have expired! Please login again.');
location.href = 'login.php';
</script>

    Another solution is to NOT destroy the session entirely. Just unset all variables. Then store an error message in the session and redirect to the login page. Show the error message at the login page. Something like this:

    function my_session_destroy() {
  $_SESSION = array();
}

if (/* session expired  ...*/) {
  my_session_destroy();
  $_SESSION['error'] = 'Your session have expired. Please login and try again.';
  header('Location: login.php');
  exit(); //Always call exit() after a header('Location: ...') call!
}

    At login.php:

    if(isset($_SESSION['error'])) {
  printf('<p class="error">%s</p>', $_SESSION['error']);
  unset($_SESSION['error']);
}
    • 0