Make Session Never Expire
Brought to you by:
jberanek
Hi all,
I'm using php session type. I'd like to achieve that users do not have to login very often.
The system should behave like sites where you have a "Stay logged in" checkbox in the login form.
Currently my changes in config.inc.php are the following:
$auth["session_cookie"]["include_ip"] = FALSE; $auth["session_php"]["session_expire_time"] = (60*60*24*365); // one year
Is it possible to configure the session so that the user never has to login a second time unless he hits "logout"?
You've got a few issues there...
If you use the 'php' session type you're going to hit PHP's session "garbage collector" when trying to make sessions last as long as a year. PHP keeps sessions on disk as files, so has code to delete sessions after a configured time.
This is explained under:
http://php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime
If you don't want to mess about with PHP configuration, you'd be better off with the 'cookie' session scheme. For that you need to set $auth["session_cookie"]["session_expire_time"] too.
Oh, and if you want your cookies to be secure, you really should set $auth["session_cookie"]["secret"] too.
View and moderate all "support-requests Discussion" comments posted by this user
Mark all as spam, and block user from posting to "Support Requests"
Thanks for giving advice. I changes the auth configuration as you suggested ("..." is a placeholder) and set the expire time to 5 years which shoud be sufficent.