timing session out with inactive accounts

Question

Hi, I have created my own sessions and now want to time out inactive users. The thing is I have got it to work.. kind of... after the session timeout has passed, when i click on another page, it does nothing, but then when i click on something again it times out as supposed to. Heres my code

if(preg_match("#^" . DOMAIN_SSL . ".*#is", $_SERVER['HTTP_REFERER'])) {
    # connect to main database that holds all accounts
    $con = mysql_connect('##########', '#########', '############') or die ( mysql_error() );
    $db = mysql_select_db('##########', $con);

    # find data which is identified via KI
    $query = mysql_query("SELECT * FROM `accounts` WHERE KI = '$KI' ", $con) or die ( "error: " . mysql_error() );
    # if KI is not found
    if( mysql_num_rows( $query ) != 0 ) {
        $array = mysql_fetch_array( $query );

        mysql_query( "UPDATE `accounts` SET timelog = '" . time() . "' WHERE KI = '$KI' ", $con) or die ( "error: " . mysql_error() );
        # get account information and create a group of constants
        define( "USER_PASS", $array['password'] );
        define( "USER_EMAIL", $array['email'] );
        define( "USER_DOMAIN", $array['website'] );
        define( "USER_FIRST_NAME", $array['fname'] );
        define( "DB_USER", $array['db_name'] );
        define( "DB_PASS", $array['db_pass'] );
        define( "DB_HOST", 'localhost' );       
        define( "FTP_USER", $array['ftpuser'] );
        define( "FTP_PASS", $array['ftppass'] );
        define( "FTP_SERVER", $array['ftpserver'] );

        define( "MD5_WEBSITE", trim(md5($array['website'])) );
        define( "ROOT_FOLDER", $array['rootfolder'] );
        define( "TIMELOG", $array['timelog'] );
        define( "EDITOR", $array['editor'] );

        # begin to set new KI
        $time = TIMELOG / 60; #return timein minutes
        $time = floor( $time / TIMEOUT );
        $NEW_KI = md5( $_SERVER['REMOTE_ADDR'] . USER_EMAIL . USER_PASS . $time );
        mysql_query( "UPDATE `accounts` SET KI = '$NEW_KI' WHERE KI = '$KI' ", $con) or die ( "error: " . mysql_error() );
        if( strcmp ( $NEW_KI, $KI ) == 0 ) {

            # update KI to reset 15 min timeout
            define( "KI", $NEW_KI );            
            # continue to load pages - success!             
            $USER_CON = mysql_connect(DB_HOST, DB_USER, DB_PASS);
            $USER_db = mysql_select_db(DB_USER, $USER_CON);

        }else{
            #close open mysql connection
            mysql_close($con);
            # produce timeout error message - failed!
            header( "location: " . DOMAIN . "?e=7" );
    }
}else{
    #close open mysql connection
    mysql_close($con);
    # produce timeout error message - failed!
    header( "location: " . DOMAIN . "?e=7" );
}
}

all the pages run through one main page which this is stored. $KI is passed via a GET var. Any help on why this is doing this would be much appreciated.

Answer 1

    # begin to set new KI
    $TEMP_KEY = md5( $_SERVER['REMOTE_ADDR'] . USER_EMAIL . USER_PASS . floor( ( time() / 60 ) / TIMEOUT ) );
    $NEW_KI = md5( $_SERVER['REMOTE_ADDR'] . USER_EMAIL . USER_PASS . floor( ( TIMELOG / 60 ) / TIMEOUT ) );
    mysql_query( "UPDATE `accounts` SET KI = '$NEW_KI' WHERE KI = '$KI' ", $con) or die ( "error: " . mysql_error() );
    if( strcmp ( $NEW_KI, $TEMP_KEY ) == 0 ) {

This seems to have sortted it, thanks anyway.