Not really sure of what you mean by "Non-transient room which allows duplicate IDs: When a user logs out, the room sometimes disappears". How do you know the room has disappeared ? Did you check in the Developer Portal and it's not there anymore ?
Regarding the 403, that's an authentication error. I am wondering if your authentication token (in AccountManager in the PHP code) becomes invalid.
Basically the authentication session on the server-side has an inactivity timeout of 15 minutes, so if you don't access our services for 15 minutes the authentication token expires and you'll start getting 403.
There are a couple of options here:
1) if you can set up an interval timer or cron-job like task (don't know if it's possible in PHP) you can "ping" our server every 10 minutes and keep the token alive.
2) if you get a 403 you should login again and retry the operation.