// If the user does not access any page within this time,
// his/her session is considered expired (3600 sec. = 1 hour)
public static $inactivityTimeout = 3600;
+ // Extra timeout for long sessions (if enabled) (82800 sec. = 23 hours)
+ public static $longSessionTimeout = 82800;
// If you get disconnected often or if your IP address changes often.
// Let you disable session cookie hijacking protection
public static $disableSessionProtection = false;
$password,
$loginTest,
$passwordTest,
+ $longlastingsession,
$pValues = array())
{
self::banInit();
$_SESSION['username'] = $login;
// Set session expiration.
$_SESSION['expires_on'] = time() + self::$inactivityTimeout;
-
+ if ($longlastingsession) {
+ $_SESSION['longlastingsession'] = self::$longSessionTimeout;
+ $_SESSION['expires_on'] += $_SESSION['longlastingsession'];
+ }
+
foreach ($pValues as $key => $value) {
$_SESSION[$key] = $value;
}
*/
public static function logout()
{
- unset($_SESSION['uid'],$_SESSION['ip'],$_SESSION['expires_on'],$_SESSION['tokens'], $_SESSION['login'], $_SESSION['pass'], $_SESSION['poche_user']);
+ unset($_SESSION['uid'],$_SESSION['ip'],$_SESSION['expires_on'],$_SESSION['tokens'], $_SESSION['login'], $_SESSION['pass'], $_SESSION['longlastingsession'], $_SESSION['poche_user']);
}
/**
$user = $this->store->login($login, Tools::encodeString($password . $login));
if ($user != array()) {
# Save login into Session
- Session::login($user['username'], $user['password'], $login, Tools::encodeString($password . $login), array('poche_user' => new User($user)));
+ $longlastingsession = isset($_POST['longlastingsession']);
+ Session::login($user['username'], $user['password'], $login, Tools::encodeString($password . $login), $longlastingsession, array('poche_user' => new User($user)));
$this->messages->add('s', _('welcome to your poche'));
Tools::logm('login successful');
Tools::redirect($referer);