Ok, i have one totaly noob question about php sessions: I have 3 (and

Question

0

Asked: June 6, 20262026-06-06T06:30:46+00:00 2026-06-06T06:30:46+00:00

Ok, i have one totaly noob question about php sessions: I have 3 (and

0

Ok, i have one totaly noob question about php sessions:

I have 3 (and more) php pages, i need to protect them with login system and sessions. Now, i am including this to the top of every page:

session_name('somename');
session_start();

if(!$_SESSION['user_loggedIn']){
    header("location: login.php");
}

if (isset($_SESSION["timeout"])) {
$inactive = 900;
    $sessionTTL = time() - $_SESSION["timeout"];

      if ($sessionTTL > $inactive) {
        session_destroy();
        header("location: login.php");
      }

}

Question: is it correct to add something like include session.php; to top of every php file, ofc. session.php would include only code above.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-06T06:30:48+00:00

You shouldn’t need to handle the session timeout yourself, your webserver is almost certainly handling that for you already. All you should need to do is check to see if the session exists and make sure you have login info in that session.

Also, as far as “what’s the right thing to do” — if you require it at the top of every php file, remember to use “require_once” because there’s no point in doing the same thing over and over if you include other files. Also, you may only need to do this on pages where you know you only want secured users, which isn’t always every page of the site.

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

Ok, i have one totaly noob question about php sessions: I have 3 (and

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply