in reply to Execute code after session expire
Remember that a web-server, alone, only reacts to incoming HTML messages as they arrive. It processes them to produce an HTML response, then forgets all about it. If not one single HTML message came to that server during the next hour, say, then that HTML server would never run at all for that entire hour. If nothing referencing that particular session-id came through, the session record would probably never be touched.
Hence, the need for cron jobs, or some equivalent scheduled mechanism, which will cause a response to occur at or near the appointed time, even if there is no HTML activity. Certainly, things like “deleting files” ought to be done in this way. For one thing, deleting files takes time that a very busy HTML-server ought not to spend. Also, HTML-servers often run with almost-no filesystem permissions at all, to minimize the dangers associated with intrusion. The HTML-server might well be given permission to read a selected directory of files, but not to create, delete, or modify any of its content.