Quote:
In my hack (I do not know as in the others) - users of a portal have a checkbox at an entrance (in login block).
If they will put this flag at an entrance - they will overlook about input any login or the password for 100 days.
Thus at each new visiting a site this term is prolonged automatically (for 100 days as I say).

The password is stored as the control sum. The name is stored as ID.

If somebody will prompt any unique variable automatically generated at installation of a XOOPS (like a PID in Apache) - that I shall make 100% secure system.

PS. A prolongation of length of sessions is not required any hack as far as I know. But sessions are necessary for another, and it is very bad idea about prolongation of session.

Quote:
Simply take last distribution kit of XOOPS and rewrite all files. Except one - mainfile.php.

PS. IMHO it is necessary to discuss all good and bad sides of hacks. With the purpose to press on developers of a XOOPS and to add good things inside of the distribution kit of a Xoops.

Thanks!

I still dont understand many of the 'technical' issues (like PID for example) but I have a better idea of how your hack works, and what I do understand is enough for me (and I'm sure the technical stuff means something for everybody else

I will give it a try, your hack seems to do exactly what I want..thanks again.

I tried the edits listed here...got a big white screen and nothing else upon login.

So, I reverted the files to the standard and made sure that it was fixed. It was.

Uploaded Jan's hack. I can log in, but it doesn't work; it forgets the logins like always before.

Custom sessions are on. Everything should be set. But...nada.

Any insight?

I've used the hack from Jan's site, and it worked without a problem using XOOPS 2.02, W2K Server and IIS.

My only reservation with using such a hack (which has already been brought up I think) is that to my understanding the way it works is by leaving sessions open for extended periods of time. My problems with this method are;

1. on a site with a lot of traffic, there would be a significant performnace hit on your server.

2. Using this method is not suitable to have true "never log off" option.

3. Using this method the "Who's Online" block will always be inaccurate as it'll be populated by not only active sessions, but sessions that may have been inactive for several days depending on what you have set your session timeout to be.

This all said I think it's a very welcome hack, and given the option of having it, or not having it I most certainly am on the side of it being there. Better to have some form of auto login than none at all.

I've been an end user of CMS modules for far longer than I've been running them on my website (and thus have zero programming knowledge, so forgive me if I'm being simplistic), and I've always found it extremely frustrating not being able to set the option to login automatically to a site, especially when signing up to dozens of sites with lots having different username and password length and makup requirements making it difficult to have a generic username and password to use on all sites.

The lack of a auto login feature is one of three problems I've come across with XOOPS which if I hadn't been able to find some workaround for would've forced me to look at another CMS as my solution. Other than that, XOOPS is a top CMS and is well ahead on the easy of use and managebility side of things.

like most people aware of the lack of a true auto login feature, I encourage the XOOPS devs to keep up the great work, but please look into implementing a configuratble true auto-login feature into the core for a future release. Perhaps even in it's own module?

Quote:
If you had difficulties with manual updating a code - just try to download already modified files from here: Some Useful Hacks

Hey Ace_Armstrong,

Do you get the "Remember me?" checkbox? As I think the advantage with the hack from www.jan304.org is that you must select that checkbox to use the extended session timeout. Otherwise you use what ever the default session timeout you have set.

Quote:

That's the one I am using, and like I said, it's just not working. Doesn't keep you logged in at all. *Grr!*

Reason I ask is because when I tried to first apply the hack, I tried doing it by manually adding the lines of code to the files. After much stuffing around I couldn't get it to work, so I downloaded and applied the hack from jan304 and it worked straight off.

However, last night I decided to recreate my test site from scratch, and I could not get the checkbox to be displayed after applying the appropriate hack to a dead stock install of either 2.02 or 2.03.

What I found I had to do to get the checkbox to be displayed to be able to select using the exteneded session was go into the template_c directory off the site root, then look for a file names something like system_block_login.html, then add the line of code below (which is included in the jan304 hack readme) to it manually.

<input type="checkbox" name="rememberme" value="On" class ="formButton" checked />Remember me?<br />

I have no idea what the template_c folder is for. I can only imagine its a template cache of some sort? As to why the hack worked for me in the first place, I can only assume I had already done exactly as above before applying the jan304 hack.

The ironic thing is that this is my second attempt at this post, my first session timed out. Just goes to show how useful a hack like this is .

Quote:

Ah. I see what you're getting at. Nope...I'm getting the checkbox. It just isn't making it remember you when you tell it to do so!