I am trying to force log out an inactive user from my CMS. The timeout value is stored in a value called PREF_TIMEOUT in my database. Ive borrowed this code and modified it a little. The code does not seem to be doing anything. Does anyone know of a better method of doing this or can spot what is breaking it?

<?php
function init() {
parent:: init();
self::logoutInactiveUser();
}

$timeout = mysql_query("SELECT PREF_TIMEOUT FROM preferences WHERE PREF_ID = '1'");
$result = mysql_fetch_array($timeout);

function logoutInactiveUser() {
        $inactivityLimit = $timeout * 60; // Converted to seconds
        $sessionStart = Session::get('session_start_time');
        if (isset($sessionStart)){
            $elapsed_time = time() - Session::get('session_start_time');
            if ($elapsed_time >= $inactivityLimit) {
                $member = Member::currentUser();
                if($member) $member->logOut();
                Session::clear_all();
                Director::redirect(Director::baseURL() . 'Security/login');
            }
        }
        Session::set('session_start_time', time());
    }
?>

There is really no reason to write functional PHP in OOP style. Everything here is static , so could be functions as well (static in OOP means other things than Session:: Form:: or Input:: or things like that).

You want to log out a user (I believe in its current session) when he is inactive. First you must define what you mean “inactive” . For example do you mean that she/he didn't interact for a certain time of period? There are many ways to do it , some simpler some harder. The simplest is to have a variable in JavaScript (e.g. lastActionTimeStamp) and with an interval (e.g. each second) check if currentTimeStamp minus lastActionTimeStamp is greater than the time you want to have the user logged out (e.g. 30 minutes).