{"id":127917,"date":"2022-09-06T05:25:02","date_gmt":"2022-09-06T05:25:02","guid":{"rendered":"https:\/\/phppot.com\/?p=19285"},"modified":"2022-09-06T05:25:02","modified_gmt":"2022-09-06T05:25:02","slug":"php-session-destroy-after-30-minutes","status":"publish","type":"post","link":"https:\/\/sickgaming.net\/blog\/2022\/09\/06\/php-session-destroy-after-30-minutes\/","title":{"rendered":"PHP Session Destroy after 30 Minutes"},"content":{"rendered":"
by Vincy<\/a>. Last modified on September 6th, 2022.<\/div>\n

PHP has a core function session_destroy() to clear all the session values. It is a simple no-argument function that returns a boolean true or false.<\/p>\n

The PHP session ID is stored in a cookie by default. Generally that session cookie file is name PHPSESSID. The session_destroy function will not unset the session<\/a> id in the cookie.<\/p>\n

To destroy the session \u2018completely\u2019, the session ID must also be unset.<\/p>\n

This quick example uses session_destroy() to destroy the session. It uses the set_cookie() method to kill the entirety by expiring the PHP session ID.<\/p>\n

\n

Quick example<\/h2>\n

destroy-session.php<\/p>\n

<?php\n\/\/ Always remember to initialize the session,\n\/\/ even before attempting to destroy it. \/\/ Destroy all the session variables.\n$_SESSION = array(); \/\/ delete the session cookie also to destroy the session\nif (ini_get(\"session.use_cookies\")) { $cookieParam = session_get_cookie_params(); setcookie(session_name(), '', time() - 42000, $cookieParam[\"path\"], $cookieParam[\"domain\"], $cookieParam[\"secure\"], $cookieParam[\"httponly\"]);\n} \/\/ as a last step, destroy the session.\nsession_destroy();\n<\/code><\/pre>\n<\/div>\n
Note:<\/strong><\/p>\n
    \n
  1. Use session_start() to reinitiate the session after the PHP session destroy<\/a>.<\/li>\n
  2. Use PHP $_SESSION to unset<\/a> a particular session variable. For an older PHP version, use session_unset().<\/li>\n<\/ol>\n
    \"php<\/p>\n
    About this login session_destroy() example<\/h2>\n
    Let\u2019s create a login example code to use PHP session<\/a>, session_destroy and all. It allows users to login and logout from the current session. Use this code if you are looking for a complete user registration and login in PHP script<\/a>.<\/p>\n
    This example provides an automatic login session expiry feature.<\/p>\n
    Landing page with a login form<\/h2>\n
    This form posts the username and the password entered by the user. It verifies the login credentials in PHP.<\/p>\n
    On successful login, it stores the logged-in state into a PHP session<\/a>. It sets the expiry time to 30 minutes from the last login time.<\/p>\n
    It stores the last login time and the expiry time into the PHP session. These two session variables are used to expire the session automatically.<\/p>\n
    login.php<\/p>\n
    <?php\nsession_start();\n$expirtyMinutes = 1;\n?>\n<html>\n<head>\n<title>PHP Session Destroy after 30 Minutes<\/title>\n<link rel='stylesheet' href='style.css' type='text\/css' \/>\n<link rel='stylesheet' href='form.css' type='text\/css' \/>\n<\/head>\n<body> <div class=\"phppot-container\"> <h1>Login<\/h1> <form name=\"login-form\" method=\"post\"> <table> <tr> <td>Username<\/td> <td><input type=\"text\" name=\"username\"><\/td> <\/tr> <tr> <td>Password<\/td> <td><input type=\"password\" name=\"password\"><\/td> <\/tr> <tr> <td><input type=\"submit\" value=\"Sign in\" name=\"submit\"><\/td> <\/tr> <\/table> <\/form>\n<?php\nif (isset($_POST['submit'])) { $usernameRef = \"admin\"; $passwordRef = \"test\"; $username = $_POST['username']; $password = $_POST['password']; \/\/ here in this example code focus is session destroy \/ expiry only \/\/ refer for registration and login code https:\/\/phppot.com\/php\/user-registration-in-php-with-login-form-with-mysql-and-code-download\/ if ($usernameRef == $username && $passwordRef == $password) { $_SESSION['login-user'] = $username; \/\/ login time is stored as reference $_SESSION['ref-time'] = time(); \/\/ Storing the logged in time. \/\/ Expiring session in 30 minutes from the login time. \/\/ See this is 30 minutes from login time. It is not 'last active time'. \/\/ If you want to expire after last active time, then this time needs \/\/ to be updated after every use of the system. \/\/ you can adjust $expirtyMinutes as per your need \/\/ for testing this code, change it to 1, so that the session \/\/ will expire in one minute \/\/ set the expiry time and $_SESSION['expiry-time'] = time() + ($expirtyMinutes * 60); \/\/ redirect to home \/\/ do not include home page, it should be a redirect header('Location: home.php'); } else { echo \"Wrong username or password. Try again!\"; }\n}\n?>\n<\/div>\n<\/body>\n<\/html>\n<\/code><\/pre>\n
    \"login\"<\/p>\n
    Dashboard validates PHP login session and displays login, and logout links<\/h2>\n
    This is the target page redirected after login. It shows the logout link if the logged-in session exists.<\/p>\n
    Once timeout<\/a>, it calls the destroy-session.php code to destroy all the sessions.<\/p>\n
    If the 30 minutes expiry time is reached or the session is empty, it asks the user to log in.<\/p>\n
    home.php<\/p>\n
    <?php\nsession_start();\n?>\n<html>\n<head>\n<title>PHP Session Destroy after 30 Minutes<\/title>\n<link rel='stylesheet' href='style.css' type='text\/css' \/>\n<link rel='stylesheet' href='form.css' type='text\/css' \/>\n<\/head>\n<body> <div class=\"phppot-container\">\n<?php\nif (! isset($_SESSION['login-user'])) { echo \"Login again!<br><br>\"; echo \"<a href='login.php'>Login<\/a>\";\n} else { $currentTime = time(); if ($currentTime > $_SESSION['expiry-time']) { require_once __DIR__ . '\/destroy-session.php'; echo \"Session expired!<br><br><a href='login.php'>Login<\/a>\"; } else { ?> <h1>Welcome <?php echo $_SESSION['login-user'];?>!<\/h1> <a href='logout.php'>Log out<\/a>\n<?php }\n}\n?>\n<\/div>\n<\/body>\n<\/html>\n<\/code><\/pre>\n
    This PHP code is used for users who want to log out before the session expiry time.<\/p>\n
    It destroys the session by requiring the destroy-session.php code. Then, it redirects the user<\/a> to the login page.<\/p>\n
    logout.php<\/p>\n
    <?php\nsession_start();\nrequire_once __DIR__ . '\/destroy-session.php';\nheader('Location: login.php');\n?>\n<\/code><\/pre>\n
    I hope this example helps to understand how to destroy PHP sessions. And also, this is a perfect scenario that is suitable for explaining the need of destroying the session.
    Download<\/a><\/p>\n
      <\/p>\n
    \n
    Popular Articles<\/h2>\n<\/p><\/div>\n
     \u2191 Back to Top<\/a> <\/p>\n","protected":false},"excerpt":{"rendered":"
    by Vincy. Last modified on September 6th, 2022. PHP has a core function session_destroy() to clear all the session values. It is a simple no-argument function that returns a boolean true or false. The PHP session ID is stored in a cookie by default. Generally that session cookie file is name PHPSESSID. The session_destroy function […]<\/p>\n","protected":false},"author":2,"featured_media":127918,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[65],"tags":[],"class_list":["post-127917","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-php-updates"],"_links":{"self":[{"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/posts\/127917","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/comments?post=127917"}],"version-history":[{"count":0,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/posts\/127917\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/media\/127918"}],"wp:attachment":[{"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/media?parent=127917"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/categories?post=127917"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/tags?post=127917"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}