PHP web sessions

I have couple questions regarding the sessions ...

1) How can I list all active sessions on my server?

2) How can I make secure login, account timeout and logout开发者_开发知识库 using sessions?

---

PHP's default session handler saves the session data as a serialize() copy of the $_SESSION array, and that goes into a file, which is specified in php.ini. You can retrieve it at runtime with session_save_path(). Generally, the files are constructed as

$sessionFile = 'sess_' . session_id();

Listing all sessions is just a matter of pulling out all the files in the session dir that start with sess_. However, unless you're doing long-running processes, most sessions will only be 'active' for the short time someone's actually hitting a page on your site.

As for the login system, there's tons of answers on this site. Look at the "Related" links on the right-hand side of this page to find some.