From 52dfa9ca7c5ef12f4e65ff88a0863f0a0f2acb19 Mon Sep 17 00:00:00 2001 From: Lukas Fleischer Date: Mon, 21 Feb 2011 18:17:55 +0100 Subject: Make persistent cookie timeout configurable via "config.inc" (FS#22994). Signed-off-by: Lukas Fleischer --- web/lib/acctfuncs.inc | 4 +++- web/lib/config.inc.proto | 2 ++ 2 files changed, 5 insertions(+), 1 deletion(-) (limited to 'web/lib') diff --git a/web/lib/acctfuncs.inc b/web/lib/acctfuncs.inc index 30b5a2f..513a142 100644 --- a/web/lib/acctfuncs.inc +++ b/web/lib/acctfuncs.inc @@ -601,6 +601,8 @@ function display_account_info($U="", $T="", $E="", $R="", $I="") { * SID of 0 means login failed. */ function try_login() { + global $PERSISTENT_COOKIE_TIMEOUT; + $login_error = ""; $new_sid = ""; $userID = null; @@ -641,7 +643,7 @@ function try_login() { if ($_POST['remember_me'] == "on") { # Set cookies for 30 days. - $cookie_time = time() + (60 * 60 * 24 * 30); + $cookie_time = time() + $PERSISTENT_COOKIE_TIMEOUT; # Set session for 30 days. $q = "UPDATE Sessions SET LastUpdateTS = $cookie_time "; diff --git a/web/lib/config.inc.proto b/web/lib/config.inc.proto index 3a0ed34..507ce27 100644 --- a/web/lib/config.inc.proto +++ b/web/lib/config.inc.proto @@ -48,3 +48,5 @@ $SUPPORTED_LANGS = array( # Idle seconds before timeout $LOGIN_TIMEOUT = 7200; +# Session timeout when using "Remember me" cookies +$PERSISTENT_COOKIE_TIMEOUT = 60 * 60 * 24 * 30; -- cgit v1.2.3-70-g09d2