Hello I'm trying to come up with a way to update my database if the user does not logout properly. Utilizing the session.gc_maxlifetime seems to be the right way to do it. Is it possible to call a function when the lifetime has expired and the garbage collector destroys the session? Also how does the gc_maxlifetime reset its timer? Is it when some $_SESSION variable updates? or just a client request?
I've tried finding solutions but they all involve user interaction e.g I set a custom session timer and if the user interacts with the webpage after being inactive for too long the "logout" function kicks in and session in destroyed.
You can hook into session GC by writing your own session handler and applying it with
session_set_save_handler(). The function given as the
gc parameter will be called when it's time to perform GC on sessions.
Note that these functions only get access to the serialized session data, and that the serialization format that sessions use is subtly different than the normal PHP serialization method. If you're trying to read user data during the GC process, you're not going to have much fun doing so.
Instead, you probably want to separately record user activity attached with a session ID, and track inactivity & lack of logouts as a separate mechanism.