Hi,
I think that it is possible (havent tried it though) to do what you want, but I think that the logic should be reversed (more on this later
).
If you want to erase a particular session (that is, eliminate all the content of the _SESSION array) you could set the id of the session (since you have it), set it in the _COOKIE array (you should check which one is the correct key, I think it is PHPSESSID but I am sleepy and dont remember hehehe) then start the session, and finally destroy it. It would be something like this:
Code:
$_COOKIE["PHPSESSID"] = $myCrazySessionIDWhichWasBroughtOfMySQL;
session_start();
session_destroy();
I think that (now that I have just read a bit) there is a function called session_id which you can use to set the current session ID. This I have not tried, but it makes sense to me:
Code:
session_id($myCrazySessionIDWhichWasBroughtOfMySQL);
session_start();
session_destroy();
Which I like better if it works
But given the pasive nature of web programming, you could implement what you want in two ways:
1) Setting the SESSION cookie to expire after 60 minutes. This will make the cookie to be lost and would end up the session.
2) When the user request a webpage, you have to check its session (you are doing this now). Within this check you can add another condition where it compares the current time with the last activity time you have saved in your database. If it doesnt fullfill this condition, you just erase his session and send him to the login page.
You can probably can do both (number 1 is very dumb) but number 2 is the one I like the most, since it gets nicely with the pasive nature of web development. But if the solution of destroy the session works, then I believe it would be easy to implement for your particular project, since you have done most of the work already
Well, I hope this is useful.
Cheers!