From a0aa150418b628b32b18c70436d6be495129ee38 Mon Sep 17 00:00:00 2001
From: Dmitry Sandalov <dmitry@sandalov.org>
Date: Sat, 21 Dec 2013 23:39:45 +0400
Subject: [PATCH] fix for long lasting session

---
 inc/3rdparty/Session.class.php | 11 +++++++++--
 inc/poche/Poche.class.php      |  3 ++-
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/inc/3rdparty/Session.class.php b/inc/3rdparty/Session.class.php
index df913a06..32624559 100644
--- a/inc/3rdparty/Session.class.php
+++ b/inc/3rdparty/Session.class.php
@@ -32,6 +32,8 @@ class Session
     // If the user does not access any page within this time,
     // his/her session is considered expired (3600 sec. = 1 hour)
     public static $inactivityTimeout = 3600;
+    // Extra timeout for long sessions (if enabled) (82800 sec. = 23 hours)
+    public static $longSessionTimeout = 82800;
     // If you get disconnected often or if your IP address changes often.
     // Let you disable session cookie hijacking protection
     public static $disableSessionProtection = false;
@@ -106,6 +108,7 @@ class Session
         $password,
         $loginTest,
         $passwordTest,
+    	$longlastingsession,
         $pValues = array())
     {
         self::banInit();
@@ -118,7 +121,11 @@ class Session
                 $_SESSION['username'] = $login;
                 // Set session expiration.
                 $_SESSION['expires_on'] = time() + self::$inactivityTimeout;
-
+                if ($longlastingsession) {
+                	$_SESSION['longlastingsession'] = self::$longSessionTimeout;
+                	$_SESSION['expires_on'] += $_SESSION['longlastingsession'];
+                }
+                
                 foreach ($pValues as $key => $value) {
                     $_SESSION[$key] = $value;
                 }
@@ -136,7 +143,7 @@ class Session
      */
     public static function logout()
     {
-        unset($_SESSION['uid'],$_SESSION['ip'],$_SESSION['expires_on'],$_SESSION['tokens'], $_SESSION['login'], $_SESSION['pass'], $_SESSION['poche_user']);
+        unset($_SESSION['uid'],$_SESSION['ip'],$_SESSION['expires_on'],$_SESSION['tokens'], $_SESSION['login'], $_SESSION['pass'], $_SESSION['longlastingsession'], $_SESSION['poche_user']);
     }
 
     /**
diff --git a/inc/poche/Poche.class.php b/inc/poche/Poche.class.php
index d415dd03..adec9b28 100644
--- a/inc/poche/Poche.class.php
+++ b/inc/poche/Poche.class.php
@@ -678,7 +678,8 @@ class Poche
             $user = $this->store->login($login, Tools::encodeString($password . $login));
             if ($user != array()) {
                 # Save login into Session
-                Session::login($user['username'], $user['password'], $login, Tools::encodeString($password . $login), array('poche_user' => new User($user)));
+            	$longlastingsession = isset($_POST['longlastingsession']);
+                Session::login($user['username'], $user['password'], $login, Tools::encodeString($password . $login), $longlastingsession, array('poche_user' => new User($user)));
                 $this->messages->add('s', _('welcome to your poche'));
                 Tools::logm('login successful');
                 Tools::redirect($referer);
-- 
2.41.0