Dirty Butter Posted September 29, 2011 Share Posted September 29, 2011 Can someone tell me how to stop the Admin login from timing out or at least lengthen the time before it automatically logs me out? I'm used to keeping a tab open all day long for each of our stores. Quote Link to comment Share on other sites More sharing options...
Dirty Butter Posted October 9, 2011 Author Share Posted October 9, 2011 Still hoping for help on this. Quote Link to comment Share on other sites More sharing options...
Dirty Butter Posted October 9, 2011 Author Share Posted October 9, 2011 I searched through the bug reports and finally found the file that controls this: classes/session.class.php Until someone can help me with a better way I did this: //Set the lifetime to 30 minutes //I set it to 12 hours ini_set('session.gc_maxlifetime', 43200); I know that's not a good way to do it, but it seems to be working for now. As the day goes by we'll see. It needs an if..else so it keeps the admin logged in, but times out a viewer who has left the page open for an extended time. It may well be that that code is in there somewhere already and just needs tweaking. Quote Link to comment Share on other sites More sharing options...
Dirty Butter Posted December 27, 2011 Author Share Posted December 27, 2011 I searched through the bug reports and finally found the file that controls this: classes/session.class.php Until someone can help me with a better way I did this: //Set the lifetime to 30 minutes //I set it to 12 hours ini_set('session.gc_maxlifetime', 43200); I know that's not a good way to do it, but it seems to be working for now. As the day goes by we'll see. It needs an if..else so it keeps the admin logged in, but times out a viewer who has left the page open for an extended time. It may well be that that code is in there somewhere already and just needs tweaking. I was concerned about prolonged customer sessions getting orders mixed up, as I'd seen bug reports dealing with that. So I put this back to the default. But it really does need a way to keep the ADMIN logged in indefinitely, while using a short session length for customers. Quote Link to comment Share on other sites More sharing options...
WhiteWillowStitching Posted December 28, 2011 Share Posted December 28, 2011 I agree it would be nice to not have to log in every time I blink. Quote Link to comment Share on other sites More sharing options...
Guest sami5777 Posted December 29, 2011 Share Posted December 29, 2011 I agree it would be nice to not have to log in every time I blink. Yep, would be really, really nice. Quote Link to comment Share on other sites More sharing options...
bsmither Posted January 2, 2012 Share Posted January 2, 2012 Would you please try this: In the file \classes\session.class.php, at around line 55, change to: $this->_session_timeout = (ADMIN_CP) ? 60 * 60 * 24 : 60 * 60 * 1; This uses the constant that is set depending whether one visits the admin.php (true - wanting to go to the admin screens or login as an admin) or index.php (false - visitor at the store). If an admin, then a login session will expire after 24 hours of inactivity(*). Otherwise, a session is just an hour of inactivity(*). (*)This is assuming the cause of premature loss of session control is analyzed, found, and fixed. Also, this may take one or more log-out and log-in cycles to take effect. Quote Link to comment Share on other sites More sharing options...
Dirty Butter Posted January 2, 2012 Author Share Posted January 2, 2012 Would you please try this: In the file \classes\session.class.php, at around line 55, change to: $this->_session_timeout = (ADMIN_CP) ? 60 * 60 * 24 : 60 * 60 * 1; This uses the constant that is set depending whether one visits the admin.php (true - wanting to go to the admin screens or login as an admin) or index.php (false - visitor at the store). If an admin, then a login session will expire after 24 hours of inactivity(*). Otherwise, a session is just an hour of inactivity(*). (*)This is assuming the cause of premature loss of session control is analyzed, found, and fixed. Also, this may take one or more log-out and log-in cycles to take effect. I logged in and out 6 times, but Admin still times out quickly for me. But I'm having major session problems right now. I'm probably not a good test of your code. Quote Link to comment Share on other sites More sharing options...
Guest Posted January 6, 2012 Share Posted January 6, 2012 Hi bsmither Just found your post as I have been having the same problem with being logged out every few minutes. I made your suggested changes and went through a full half hour session, with tea break, without getting logged out. I hope it now stays that way Many thanks Quote Link to comment Share on other sites More sharing options...
Guest yorky7557 Posted January 16, 2012 Share Posted January 16, 2012 Would you please try this: In the file classessession.class.php, at around line 55, change to: $this->_session_timeout = (ADMIN_CP) ? 60 * 60 * 24 : 60 * 60 * 1; This uses the constant that is set depending whether one visits the admin.php (true - wanting to go to the admin screens or login as an admin) or index.php (false - visitor at the store). If an admin, then a login session will expire after 24 hours of inactivity(*). Otherwise, a session is just an hour of inactivity(*). (*)This is assuming the cause of premature loss of session control is analyzed, found, and fixed. Also, this may take one or more log-out and log-in cycles to take effect. Implemented this code change today and looks like a winner to me! Many thanks for the snippet. Cheers Yorky Quote Link to comment Share on other sites More sharing options...
Guest Dazmanjunket Posted February 10, 2012 Share Posted February 10, 2012 Okay this change in session.class.php Is it replacing this as this is what I found around line 55? //Set the lifetime to 30 minutes ini_set('session.gc_maxlifetime', 1800) <----- Is it replacing line or being added before or after this line? As you are saying change: "In the file classessession.class.php, at around line 55, change to: $this->_session_timeout = (ADMIN_CP) ? 60 * 60 * 24 : 60 * 60 * 1;" Regards Dazman Quote Link to comment Share on other sites More sharing options...
duckmansweb Posted August 4, 2013 Share Posted August 4, 2013 i would also like this , as i need the admin page to stay open all day without timing out , but keep the customer time out the same as it was Quote Link to comment Share on other sites More sharing options...
Dirty Butter Posted August 5, 2013 Author Share Posted August 5, 2013 I'd forgotten about this thread. I'll do some testing and see how Bsmither's code works for me now that I'm on 5.2.2. Quote Link to comment Share on other sites More sharing options...
bsmither Posted August 5, 2013 Share Posted August 5, 2013 In sessions.class.php, find: if (session_id()) { session_unset(); session_destroy(); $_SESSION = array(); } After that, add: /** * Session time out * Change the last number of each group to the number of hours, admin : customer */ $this->_session_timeout = (ADMIN_CP) ? 60 * 60 * 168 : 60 * 60 * 168; // 7 days This does work, but there is a caveat. There is a lot of discussion (most of it badly expressed) about PHP's garbage collection. Garbage Collection is, in a sense, the dropping of sessions that, according to PHP's configuration, are past their expected lifetime. This is not the same as a cookie lifetime, which is what the above added code sets. Without getting into the nuts and bolts of it, the garbage collection happens every time PHP runs, and there is a gamble of any session getting deleted. However, there isn't that much to worry about as the algorithm is very understanding of the need to keep sessions in the queue that need to be in the queue. So, aside from a bad security token, the odds of have a session destroyed without merit is extremely low. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.