<?php
// File: session_config.php
$lifetime = 300; // 5 minutes — gives buffer; OTP still expires in 2 min

// Configure cookie before session_start()
session_set_cookie_params([
    'lifetime' => $lifetime,
    'path' => '/',
    'domain' => '.unitedculturalforum.com', // leading dot covers www + non-www
    'secure' => false, // true if HTTPS only
    'httponly' => true,
    'samesite' => 'Lax'
]);

ini_set('session.gc_maxlifetime', $lifetime);
ini_set('session.cookie_lifetime', $lifetime);

// Start session safely
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}
?>