问题:

UPDATED!!

I've been working on my session for so long and have yet to find solutions to it. Probably because I don't understand my code. I'm still new at PHP language and don't understand session much. It'll be great if someone could guide me along.

Below are my codes to handle session timeout. Apologised for the lengthy post as I want it to be detailed so that someone able to help me with this.

firstSession.php

<?php
session_start ();
if (! isset ( $_SESSION ["isLoggedIn"] ) || ! ($_SESSION ['isLoggedIn'])) {
    // code for authentication comes here
    // ASSUME USER IS VALID
    $_SESSION ['isLoggedIn'] = true;
    // ///////////////////////////////////////
    $_SESSION ['timeOut'] = 1200;
    $logged = time ();
    $_SESSION ['loggedAt'] = $logged;
    // showLoggedIn ();
} else {
    require 'timeCheck.php';
    $hasSessionExpired = checkIfTimedOut ();
    if ($hasSessionExpired) {
        session_unset ();
        header ( "Location:index.php" );
        exit ();
    } else {
        $_SESSION ['loggedAt'] = time (); // update last accessed time
                                              // showLoggedIn ();
    }
}
?>

check.php

<?php
session_start ();
$stillLoggedIn = timeCheck ();
echo $stillLoggedIn;
function timeCheck() {
    if (! isset ( $_SESSION ['isLoggedIn'] ) || ! ($_SESSION ['isLoggedIn'])) {
        session_unset ();
        return true;
        exit ();
    } else {
        // user is logged in
        require 'timeCheck.php';
        $hasSessionExpired = checkIfTimedOut ();
        if ($hasSessionExpired) {
            session_unset ();
            return true;
        } else {
            return false;
        }
    }
}
?>

timeCheck.php

 <?php
    function checkIfTimedOut() {
        $current = time (); // take the current time
        $diff = $current - $_SESSION ['loggedAt'];
        if ($diff > $_SESSION ['timeOut']) {
            return true;
        } else {
            return false;
        }
    }
    ?>

header.php

<?php
session_start ();
include ('ajax-helper/config.php');
include_once ('ajax-helper/functions.php');
include ('ajax-helper/php-header.php');

include ('includes/firstSession.php');
?>
<script src="js/ajax.js"></script>

ajax.js

window.onload = init;
var interval;
function init() {
    interval = setInterval(trackLogin, 1000);
}
function trackLogin() {
    var xmlReq = false;
    try {
        xmlReq = new ActiveXObject("Msxml2.XMLHTTP");
    } catch (e) {
        try {
            xmlReq = new ActiveXObject("Microsoft.XMLHTTP");
        } catch (e2) {
            xmlReq = false;
        }
    }
    if (!xmlReq && typeof XMLHttpRequest != 'undefined') {
        xmlReq = new XMLHttpRequest();
    }

    xmlReq.open('get', 'check.php', true);
    xmlReq.setRequestHeader("Connection", "close");
    xmlReq.send(null);
    xmlReq.onreadystatechange = function() {
        if (xmlReq.readyState == 4 && xmlReq.status == 200) {
            if (xmlReq.responseText == 1) {
                clearInterval(interval);
                alert('You have been logged out. You will now be redirected to home page.');
                document.location.href = "index.php";
            }
        }
    }
}

account-edit.php

 <?php
    session_start ();
    if (! isset ( $_SESSION ["loginSuccess"] )) {
        echo "<script type='text/javascript'>alert('Login failed!');</script>";
        die ( '<meta http-equiv="refresh" content="0;URL=\'login-redirect.php\'" />' );
    }

include ('includes/header.php');
include ('includes/header-search.php');
include ('includes/header-nav.php');
include ('includes/header-info.php');
?>

From my code above, what I getting is even on pages that do not need user to log in, pop up will appear stating that user will need to log in again, as the session has ended, which actually do not make sense. However, what i want to aim for is it checks whether user is log in or not, if user log in over the session period of time, user will be logged out.