1
tedsmith
Why are users not being logged out after session expiration time?
  • 2005/5/5 7:31

  • tedsmith

  • Home away from home

  • Posts: 1151

  • Since: 2004/6/2 1


I'm confused...

On our internal Intranet I've set the session expire time as 480 minutes, which is a standard 8 hour day. The reasoning behind this being that most of our team will not work beyond 8 hours and if they do they can log back in after being logged out by Xoops.

However, I've noticed that it doesn't always log the user out after that time. For example, I logged in yesterday afternoon at 16:00, forgot to log out, came in this morning at 07:20, clicked on home, and I was still logged in?

I don't get it? It should have logged me out at about midnight? This site (Xoops.org) logs inactive users out after 15 minutes I think. How has that been set differently?

'USe Custom Session' is set to 'yes', a 'session name' has been specified, and '480' has been entered in the 'session expiration' field.

Is this correct? Should I turn custom session off? Is there another setting that I've missed? Are these the correct settings to handle logged in sessions? What is causing this problem?

Thanks

Ted

2
tedsmith
Re: Why are users not being logged out after session expiration time?
  • 2005/5/5 13:17

  • tedsmith

  • Home away from home

  • Posts: 1151

  • Since: 2004/6/2 1


I've also read this FAQ but I don't think it answers my question. My problem is not related to disconnections happening too quickly and our Intranet only has 8 users (soon to be 20) so the 'connection to the database' issue should not be a problem either.

3
tedsmith
Re: Why are users not being logged out after session expiration time?
  • 2005/5/5 19:51

  • tedsmith

  • Home away from home

  • Posts: 1151

  • Since: 2004/6/2 1


Anybody in the know about this?

4
DonXoop
Re: Why are users not being logged out after session expiration time?

Dumb question but do users have their password saved in the browser?

I never use the custom session config and it seems like a black art getting it right.

One other thought, is there a module or block or stats that updates itself (via jscript or whatever)? That could keep the cookie alive.

5
skalpa
Re: Why are users not being logged out after session expiration time?
  • 2005/5/5 21:37

  • skalpa

  • Quite a regular

  • Posts: 300

  • Since: 2003/4/16


Sessions don't expire exactly after the session expiration time. To prevent having to check all the sessions on each request, the garbage collection function is called with a limited probability (by default is has 1 chance out of ten to be called).
So if you're the last person to leave your office, but the first to come back the day after, it may not have been called yet. Thus, clicking on a link in your open browser window may "refresh" the session state, and prevent it to expire.

skalpa.>

6
tedsmith
Re: Why are users not being logged out after session expiration time?
  • 2005/5/6 13:13

  • tedsmith

  • Home away from home

  • Posts: 1151

  • Since: 2004/6/2 1


Ok, both these make sense.

If I turn off the custom session how will XOOPS know how long to leave the user logged in for? DonXoop - how do your users get on without the custom sessions? Is there a default time that XOOPS logs users out by if custom session is disabled?

7
Mithrandir
Re: Why are users not being logged out after session expiration time?

If custom sessions are disabled, XOOPS will leave sessions expiration to PHP. These settings are in the webserver's php.ini

8
tedsmith
Re: Why are users not being logged out after session expiration time?
  • 2005/5/6 15:21

  • tedsmith

  • Home away from home

  • Posts: 1151

  • Since: 2004/6/2 1


Thanks Mith

I've turned it off for now and editied my php.ini file and adjusted the session_expiration value to 28800 (8 hours in seconds). I've left it logged in so when I come back to work on Monday I'll see if it has logged me out.

Thanks

Ted

Login

Who's Online

294 user(s) are online (209 user(s) are browsing Support Forums)


Members: 1


Guests: 293


margoritka,

more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits