Web Development: A brief history of time()
Part of the beauty of PHP to me is the number of really useful variables that are built in. Some of these might seem very odd at first, but once you start creating pages you will run into some problems which you’ll find can be solved by a function which seemed totally useless when you first heard of it. One of these functions for me was
time().
Echoing the
time() function will give you the amount of time passed since the Unix Epoch in seconds. Say what? Epoch means a point in time chosen as the start of a period or an era and thus the Unix Epoch is January 1 1970 00:00:00 GMT. So echoing the
time() function will give us “1230978041″ at the time I’m writing this, meaning that 1,230,978,041 seconds have passed since then. So why is this useful to us?
Mathematically it gives us a much easier way of keeping track of time. Sure, 2008, Jan 15th might seem all nice and organized to you, but to calculate the days passed from the 15th of Januaray to the 17th we’s have to strip the numbers of “th”, and in more complicated cases perform a bunch of other string changes. Using time you can essentially assign a number value to any given second, making it much easier to use, especially as a counter.
The place I use it most is to log out users of a website automatically after an inactivity period. When a user signs in I create all the session variables for him/her, and I also create one which holds the time his session should expire. The beauty of this whole system is that I do not need to know the actual time, I can just assign a value to the session variable like this:
$_SESSION['user']['time'] = time() +3600
This means that the user can stay logged in for 3,600 seconds (in other words an hour) from this moment in time. This is a very convenient way of defining expiration time, since you can think in terms of how long you want it to be, as opposed to trying to calculate a specific date and time.
When a user refreshes a page, or moves on to a new one, a script will check the value of the session variable. If the current time is smaller than the session variable, the user can stay logged in and I also usually prolong the session by another 3,600 seconds. This gives it the true “inactivity” aspect, since the user is allowed to stay logged in for more than an hour, as long as he/she is using the system. You could however choose not to prolong the session, in this case the user would have to log in again after one hour no matter what. In some high security systems this might be the way to go, or if you want the user to spend exactly one hour on a specific puzzle, there are many uses for everything. Needless to say that if the current time is more than the session variable the user is signed out.
Another common use for
time() is to serve as the basis for generating a random ID, or character set, in other words, it can serve as a seed. A quite efficient way of creating a very random string would be to use
time(), divide it by a random number generated between 0 and 9,999, add some random characters to it, and encode the whole thing using the SHA1 algorithm for example. Code-wise this is not as difficult or as long as it may sound, and it is pretty random and strong, although I am no security specialist.
Web Development: A brief history of time() 
Linear Mode
