From a0aa150418b628b32b18c70436d6be495129ee38 Mon Sep 17 00:00:00 2001 From: Dmitry Sandalov Date: Sat, 21 Dec 2013 23:39:45 +0400 Subject: [PATCH] fix for long lasting session --- inc/3rdparty/Session.class.php | 11 +++++++++-- inc/poche/Poche.class.php | 3 ++- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/inc/3rdparty/Session.class.php b/inc/3rdparty/Session.class.php index df913a0..3262455 100644 --- a/inc/3rdparty/Session.class.php +++ b/inc/3rdparty/Session.class.php @@ -32,6 +32,8 @@ class Session // If the user does not access any page within this time, // his/her session is considered expired (3600 sec. = 1 hour) public static $inactivityTimeout = 3600; + // Extra timeout for long sessions (if enabled) (82800 sec. = 23 hours) + public static $longSessionTimeout = 82800; // If you get disconnected often or if your IP address changes often. // Let you disable session cookie hijacking protection public static $disableSessionProtection = false; @@ -106,6 +108,7 @@ class Session $password, $loginTest, $passwordTest, + $longlastingsession, $pValues = array()) { self::banInit(); @@ -118,7 +121,11 @@ class Session $_SESSION['username'] = $login; // Set session expiration. $_SESSION['expires_on'] = time() + self::$inactivityTimeout; - + if ($longlastingsession) { + $_SESSION['longlastingsession'] = self::$longSessionTimeout; + $_SESSION['expires_on'] += $_SESSION['longlastingsession']; + } + foreach ($pValues as $key => $value) { $_SESSION[$key] = $value; } @@ -136,7 +143,7 @@ class Session */ public static function logout() { - unset($_SESSION['uid'],$_SESSION['ip'],$_SESSION['expires_on'],$_SESSION['tokens'], $_SESSION['login'], $_SESSION['pass'], $_SESSION['poche_user']); + unset($_SESSION['uid'],$_SESSION['ip'],$_SESSION['expires_on'],$_SESSION['tokens'], $_SESSION['login'], $_SESSION['pass'], $_SESSION['longlastingsession'], $_SESSION['poche_user']); } /** diff --git a/inc/poche/Poche.class.php b/inc/poche/Poche.class.php index d415dd0..adec9b2 100644 --- a/inc/poche/Poche.class.php +++ b/inc/poche/Poche.class.php @@ -678,7 +678,8 @@ class Poche $user = $this->store->login($login, Tools::encodeString($password . $login)); if ($user != array()) { # Save login into Session - Session::login($user['username'], $user['password'], $login, Tools::encodeString($password . $login), array('poche_user' => new User($user))); + $longlastingsession = isset($_POST['longlastingsession']); + Session::login($user['username'], $user['password'], $login, Tools::encodeString($password . $login), $longlastingsession, array('poche_user' => new User($user))); $this->messages->add('s', _('welcome to your poche')); Tools::logm('login successful'); Tools::redirect($referer);