Creative Juices Bo. Co.

Satisfy Your Thirst For Something Refreshing!

CJ Session Timer 1.1

A Javascript Session Time-Out Timer

I was running into a little problem with a website of mine that was experiencing some weird errors. The site has a password protected directory that allows the users to edit upcoming events. The problem was that this site was on a shared hosting environment and I didn't have control over the session timeout length. They had it set at 30 minutes and it sometimes took people longer than this to complete their edit (or maybe they took a phone call). When they tried to enter the event, they would get redirected to an error page without really knowing why.

I decided to make a simple little javascript timer that would alert the user that the session had expired and then send them to the logout script automatically. This isn't the most graceful way of handling this, because they still loose whatever data they were trying to enter, but at least now they know they have a limited amount of time to make their updates.

The script is fairly straightforward. You will need to change the "redirect" path to point to your ColdFusion (or whatever server language you are using) logout script.

Version 1.1

/*globals self,window,document,confirm,alert */
var JSsessionTimeOut = {
   timer: null,
   delay: 25, /* minutes */
   redirect: "",
   message: "Your session has timed out due to inactivity. For site safety, you are required to re-login. Click okay to go to the login page.",
   timeoutSession:  function() {
      if (confirm(JSsessionTimeOut.message)) {
         self.location = JSsessionTimeOut.redirect;
   resetSessionTimeout: function() {
      JSsessionTimeOut.timer = window.setTimeout('JSsessionTimeOut.timeoutSession()', (JSsessionTimeOut.delay * 60 * 1000));
   init: function(prefs) {
      // make sure the system environment will allow us to run
      if (!document.getElementById || !document.createElement) {
      // check if the user passed any prefs
      if(typeof prefs === "object") {
         if(typeof prefs.redirect !== "undefined" && prefs.redirect !== "") {
            JSsessionTimeOut.redirect = prefs.redirect;
         if(typeof prefs.message !== "undefined" && prefs.message !== "") {
            JSsessionTimeOut.message = prefs.message;
         if(typeof prefs.delay !== "undefined" && prefs.delay) {
            JSsessionTimeOut.delay = prefs.delay;
      // start the timer
      JSsessionTimeOut.timer = window.setTimeout('JSsessionTimeOut.timeoutSession()', (JSsessionTimeOut.delay * 60 * 1000));

To invoke the v1.1 script, just place this line on all the files within your session managed directory

<script src="/cj_session_timeout.js" type="text/javascript"></script>

You can then initialize the script two ways. You can leave the file as is and it will initialize with the settings you placed in the file or, If you would like to pass settings to the script, then comment out this line in the JS file:


Then add an onload event to the body tag...

<body onload='JSsessionTimeOut.init({ redirect: "", message : "Your new message.", delay: 25 });'>

Any questions or problems, let me know.