diff --git a/session_api.install b/session_api.install
index 0947ee6..8a48f88 100644
--- a/session_api.install
+++ b/session_api.install
@@ -31,11 +31,19 @@ function session_api_schema() {
         'length' => 64,
         'not null' => TRUE,
       ),
+      'timestamp' => array(
+        'type' => 'int',
+        'not null' => TRUE,
+        'default' => 0,
+      ),
     ),
     'primary key' => array('sid'),
     'unique keys' => array(
       'session_id' => array('session_id'),
     ),
+    'indexes' => array(
+      'timestamp' => array('timestamp'),
+    ),
   );
 
   return $schema;
@@ -51,3 +59,15 @@ function session_api_update_6100() {
 
   return $ret;
 }
+
+/**
+ * Implementation of hook_update_N().
+ *
+ * Adds timestamp field.
+ */
+function session_api_update_6101() {
+  $ret = array();
+  db_add_field($ret, 'session_api', 'timestamp', array('type' => 'int', 'not null' => TRUE, 'default' => 0));
+  db_add_index($ret, 'session_api', 'timestamp', array('timestamp'));
+  return $ret;
+}
diff --git a/session_api.module b/session_api.module
index ccbc39e..f45de8d 100644
--- a/session_api.module
+++ b/session_api.module
@@ -41,12 +41,16 @@ function session_api_get_sid($create = TRUE) {
   }
 
   if (!isset($sid) || !$sid) {
+    // Initialize the timestamp and sid now for use in conditional checks.
     $sid = FALSE;
-
+    $timestamp = time();
     // First, check if we already have an active session.
     if (isset($_COOKIE['session_api_session']) && $_COOKIE['session_api_session']) {
       $session_id = $_COOKIE['session_api_session'];
-      $sid = db_result(db_query("SELECT sid FROM {session_api} WHERE session_id = '%s'", array(':session_id' => $session_id)));
+      $result = db_query("SELECT sid, timestamp FROM {session_api} WHERE session_id = '%s'", array(':session_id' => $session_id));
+      $session_info = db_fetch_object($result);
+      $sid = $session_info->sid;
+      $timestamp = $session_info->timestamp;
     }
     // If the caller doesn't want to create a new session if it didn't exist, 
     // then return here.
@@ -63,8 +67,15 @@ function session_api_get_sid($create = TRUE) {
     $cookie_domain = ini_get('session.cookie_domain');
     // Update the session timeout.
     if ($sid) {
+      if($timestamp > time() - variable_get('session_api_cookie_update_time', 3600)) {
+        // Skip the update if the timestamp is not old enough (1 hour default).
+        return $sid;
+      }
       $rec = new stdClass;
       $rec->sid = $sid;
+
+      // Set a created date so we know when to clear the record.
+      $rec->timestamp = time();
       $rec->session_id = $session_id;
       drupal_write_record('session_api', $rec, 'sid');
       setcookie('session_api_session', $session_id, time() + variable_get('session_api_cookie_expire_time', 2592000), '/', $cookie_domain);
@@ -72,10 +83,12 @@ function session_api_get_sid($create = TRUE) {
     // No sid exists, create new one.
     else {
       $rec = new stdClass();
+
       $rec->session_id = $session_id;
+      // Set a created date so we know when to clear the record.
+      $rec->timestamp = time();
       drupal_write_record('session_api', $rec);
       $sid = $rec->sid;
-
       // Set cookie.
       setcookie('session_api_session', $session_id, time() + variable_get('session_api_cookie_expire_time', 2592000), '/', $cookie_domain);
     }
@@ -104,14 +117,14 @@ function session_api_menu() {
  */
 function session_api_cron() {
   // Fetch list of outdated sids.
-  $result = db_query("SELECT sap.sid FROM {session_api} sap LEFT JOIN {sessions} s ON (sap.session_id = s.sid) WHERE s.sid IS NULL");
+  $result = db_query("SELECT sap.sid FROM {session_api} sap LEFT JOIN {sessions} s ON (sap.session_id = s.sid) WHERE s.sid IS NULL AND sap.timestamp < %d", time() - variable_get('session_api_cookie_expire_time', 2592000));
   $outdated_sids = array();
   while ($session = db_fetch_object($result)) {
     $outdated_sids[] = $session->sid;
   }
   if (!empty($outdated_sids)) {
     module_invoke_all('session_api_cleanup', $outdated_sids);
-    db_query('DELETE FROM {session_api} WHERE sid IN (' . db_placeholders($outdated_sids, 'varchar') . ')');
+    db_query('DELETE FROM {session_api} WHERE sid IN (' . db_placeholders($outdated_sids, 'int') . ')', $outdated_sids);
   }
 }
 
