I don't have access to the php.ini on my hosting provider's shared server
and don't want to rely on cookies, so I'm wondering if this a reliable way
to timeout a session:
[login page]
if (credentials are valid)
{
$_SESSION['timeout'] = time();
redirect to url
}
[redirect page]
if ($_SESSION['timeout'] > (time() - 300))
{
echo "You are logged in."
}
else
{
echo "Your session has timed out."
}
Seems to work - but I'm new to php... am I'm missing something?
Thanks in advance.