// If the user does not access any page within this time,
// his/her session is considered expired (3600 sec. = 1 hour)
public static $inactivityTimeout = 3600;
+ // Extra timeout for long sessions (if enabled) (82800 sec. = 23 hours)
+ public static $longSessionTimeout = 82800;
// If you get disconnected often or if your IP address changes often.
// Let you disable session cookie hijacking protection
public static $disableSessionProtection = false;
$password,
$loginTest,
$passwordTest,
+ $longlastingsession,
$pValues = array())
{
self::banInit();
$_SESSION['username'] = $login;
// Set session expiration.
$_SESSION['expires_on'] = time() + self::$inactivityTimeout;
-
+ if ($longlastingsession) {
+ $_SESSION['longlastingsession'] = self::$longSessionTimeout;
+ $_SESSION['expires_on'] += $_SESSION['longlastingsession'];
+ }
+
foreach ($pValues as $key => $value) {
$_SESSION[$key] = $value;
}
*/
public static function logout()
{
- unset($_SESSION['uid'], $_SESSION['ip'], $_SESSION['expires_on']);
+ unset($_SESSION['uid'],$_SESSION['ip'],$_SESSION['expires_on'],$_SESSION['tokens'], $_SESSION['login'], $_SESSION['pass'], $_SESSION['longlastingsession'], $_SESSION['poche_user']);
}
/**
projects / github / wallabag / wallabag.git / blobdiff