Re: Why are users not being logged out after session expiration time? [XOOPS general usage questions]

1

Why are users not being logged out after session expiration time?

2005/5/5 7:31
tedsmith
Home away from home
Posts: 1151
Since: 2004/6/2 1

I'm confused...

On our internal Intranet I've set the session expire time as 480 minutes, which is a standard 8 hour day. The reasoning behind this being that most of our team will not work beyond 8 hours and if they do they can log back in after being logged out by Xoops.

However, I've noticed that it doesn't always log the user out after that time. For example, I logged in yesterday afternoon at 16:00, forgot to log out, came in this morning at 07:20, clicked on home, and I was still logged in?

I don't get it? It should have logged me out at about midnight? This site (Xoops.org) logs inactive users out after 15 minutes I think. How has that been set differently?

'USe Custom Session' is set to 'yes', a 'session name' has been specified, and '480' has been entered in the 'session expiration' field.

Is this correct? Should I turn custom session off? Is there another setting that I've missed? Are these the correct settings to handle logged in sessions? What is causing this problem?

Thanks

Ted

2

Re: Why are users not being logged out after session expiration time?

2005/5/5 13:17
tedsmith
Home away from home
Posts: 1151
Since: 2004/6/2 1

I've also read this FAQ but I don't think it answers my question. My problem is not related to disconnections happening too quickly and our Intranet only has 8 users (soon to be 20) so the 'connection to the database' issue should not be a problem either.

3

Re: Why are users not being logged out after session expiration time?

2005/5/5 19:51
tedsmith
Home away from home
Posts: 1151
Since: 2004/6/2 1

Anybody in the know about this?

4

Re: Why are users not being logged out after session expiration time?

2005/5/5 20:14
DonXoop
Posts: 1171
Since: 2003/11/27

Dumb question but do users have their password saved in the browser?

I never use the custom session config and it seems like a black art getting it right.

One other thought, is there a module or block or stats that updates itself (via jscript or whatever)? That could keep the cookie alive.

5

Re: Why are users not being logged out after session expiration time?

2005/5/5 21:37
skalpa
Quite a regular
Posts: 300
Since: 2003/4/16

Sessions don't expire exactly after the session expiration time. To prevent having to check all the sessions on each request, the garbage collection function is called with a limited probability (by default is has 1 chance out of ten to be called).
So if you're the last person to leave your office, but the first to come back the day after, it may not have been called yet. Thus, clicking on a link in your open browser window may "refresh" the session state, and prevent it to expire.

skalpa.>

6

Re: Why are users not being logged out after session expiration time?

2005/5/6 13:13
tedsmith
Home away from home
Posts: 1151
Since: 2004/6/2 1

Ok, both these make sense.

If I turn off the custom session how will XOOPS know how long to leave the user logged in for? DonXoop - how do your users get on without the custom sessions? Is there a default time that XOOPS logs users out by if custom session is disabled?

7

Re: Why are users not being logged out after session expiration time?

2005/5/6 14:02
Mithrandir
XOOPS is my life!
Posts: 6320
Since: 2003/6/21

If custom sessions are disabled, XOOPS will leave sessions expiration to PHP. These settings are in the webserver's php.ini

8

Re: Why are users not being logged out after session expiration time?

2005/5/6 15:21
tedsmith
Home away from home
Posts: 1151
Since: 2004/6/2 1

Thanks Mith

I've turned it off for now and editied my php.ini file and adjusted the session_expiration value to 28800 (8 hours in seconds). I've left it logged in so when I come back to work on Monday I'll see if it has logged me out.

Thanks

Ted

Stats
Goal:	$100.00
Due Date:	May 31
Gross Amount:	$0.00
Net Balance:	$0.00
Left to go:	$100.00

Why are users not being logged out after session expiration time?

Re: Why are users not being logged out after session expiration time?

Re: Why are users not being logged out after session expiration time?

Re: Why are users not being logged out after session expiration time?

Re: Why are users not being logged out after session expiration time?

Re: Why are users not being logged out after session expiration time?

Re: Why are users not being logged out after session expiration time?

Re: Why are users not being logged out after session expiration time?

Login

Search

Recent Posts

New Admin Theme for XOOPS

Re: AdminLTE

Re: AdminLTE

Re: AdminLTE

AdminLTE

Re: Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Re: NewBB v 5.1.0 b 6

Re: NewBB v 5.1.0 b 6

NewBB v 5.1.0 b 6

Who's Online

Donat-O-Meter

Latest GitHub Commits

{{ record.sha.slice(0, 7) }} - {{ record.commit.message | truncate }}