The PHP session consists of a cookie with an identifier, and a server-side cleanup system.
The cookie time of the start time session of this session, and even if the person continues to access the site, the session will expire at the time stipulated in the preferences, without being automatically renewed.
If you want to extend the session so that the time counts from the last access, not the first, you need to refresh the session cookie periodically (or at each access).
There are several ways, this is the PHP manual : / p>
<?php
$lifetime=600;
session_start();
setcookie(session_name(),session_id(),time()+$lifetime);
?>
Another one, taken from is also a good example:
Setcookie(
ini_get("session.name"),
session_id(),
time()+ini_get("session.cookie_lifetime"),
ini_get("session.cookie_path"),
ini_get("session.cookie_domain"),
ini_get("session.cookie_secure"),
ini_get("session.cookie_httponly")
);
Do not forget that anyway, this value of php.ini
must be greater than the session time. If you have a 2 hour session, use for example 7800 (2h * 60m * 60s = 7200, plus 600 for 10 minutes of "slack"):
session.gc_maxlifetime = 7800