A couple of related questions:
1. What happens when someone doesn't logout? Does the login expire after some point? Is it configurable?
2. Can multiple people login in simultaneously from different machines to the same account?
1. Default timeout is whatever is in the php.ini for the 'session.gc_maxlifetime' setting. You can configure it by changing that via ini_set
2. yes, but if you want to prevent that, you can simply edit the include/sessions.php file by:
* returning FALSE in session_open and session_read if there is a session for that user open already
* deleting the corresponding entry in the table for session_close (I should do that anyway, just havn't gotten around to it)
Log in to post a comment.
A couple of related questions:
1. What happens when someone doesn't logout? Does the login expire after some point? Is it configurable?
2. Can multiple people login in simultaneously from different machines to the same account?
1. Default timeout is whatever is in the php.ini for the 'session.gc_maxlifetime' setting. You can configure it by changing that via ini_set
2. yes, but if you want to prevent that, you can simply edit the include/sessions.php file by:
* returning FALSE in session_open and session_read if there is a session for that user open already
* deleting the corresponding entry in the table for session_close (I should do that anyway, just havn't gotten around to it)