fix for long lasting session

diff --git a/inc/3rdparty/Session.class.php b/inc/3rdparty/Session.class.php
index df913a0680f4e5e3c8ed9906a0d57e72429445d3..32624559afb1e663d8f52af684433f2af41a31c2 100644 (file)
--- a/inc/3rdparty/Session.class.php
+++ b/inc/3rdparty/Session.class.php
@@ -32,6 +32,8 @@ class Session
     // If the user does not access any page within this time,
     // his/her session is considered expired (3600 sec. = 1 hour)
     public static $inactivityTimeout = 3600;
+    // Extra timeout for long sessions (if enabled) (82800 sec. = 23 hours)
+    public static $longSessionTimeout = 82800;
     // If you get disconnected often or if your IP address changes often.
     // Let you disable session cookie hijacking protection
     public static $disableSessionProtection = false;
@@ -106,6 +108,7 @@ class Session
         $password,
         $loginTest,
         $passwordTest,
+       $longlastingsession,
         $pValues = array())
     {
         self::banInit();
@@ -118,7 +121,11 @@ class Session
                 $_SESSION['username'] = $login;
                 // Set session expiration.
                 $_SESSION['expires_on'] = time() + self::$inactivityTimeout;
-
+                if ($longlastingsession) {
+                       $_SESSION['longlastingsession'] = self::$longSessionTimeout;
+                       $_SESSION['expires_on'] += $_SESSION['longlastingsession'];
+                }
+                
                 foreach ($pValues as $key => $value) {
                     $_SESSION[$key] = $value;
                 }
@@ -136,7 +143,7 @@ class Session
      */
     public static function logout()
     {
-        unset($_SESSION['uid'],$_SESSION['ip'],$_SESSION['expires_on'],$_SESSION['tokens'], $_SESSION['login'], $_SESSION['pass'], $_SESSION['poche_user']);
+        unset($_SESSION['uid'],$_SESSION['ip'],$_SESSION['expires_on'],$_SESSION['tokens'], $_SESSION['login'], $_SESSION['pass'], $_SESSION['longlastingsession'], $_SESSION['poche_user']);
     }
 
     /**

diff --git a/inc/poche/Poche.class.php b/inc/poche/Poche.class.php
index d415dd03b6cd3820a7a1a62a041027657eeccd7d..adec9b288714c4424d59bf1d1289c0349a578c59 100644 (file)
--- a/inc/poche/Poche.class.php
+++ b/inc/poche/Poche.class.php
@@ -678,7 +678,8 @@ class Poche
             $user = $this->store->login($login, Tools::encodeString($password . $login));
             if ($user != array()) {
                 # Save login into Session
-                Session::login($user['username'], $user['password'], $login, Tools::encodeString($password . $login), array('poche_user' => new User($user)));
+               $longlastingsession = isset($_POST['longlastingsession']);
+                Session::login($user['username'], $user['password'], $login, Tools::encodeString($password . $login), $longlastingsession, array('poche_user' => new User($user)));
                 $this->messages->add('s', _('welcome to your poche'));
                 Tools::logm('login successful');
                 Tools::redirect($referer);