session timeout

sergiocesar · **Joined:** Thu Dec 03, 2009 11:18 am **Posts:** 62

Since 1.3 the session times out in about 1 hour, EVEN if one is actively working login you off in the middle of doing things like if the activity timer is not working.
This is VERY annoying to say the least.
Can someone give me some idea how I can disable the timer till this can be looked at and fixed?
Very frustrating.

RobinA · **Posted:** Fri Jan 01, 2010 9:59 pm

Hi,

If you found the answer to that problem, would you share it with us. I do agree, it's very annoying. I fact I was working on an email template, got interrupted a few times and lost everything when I tried to save. I can understand the timeout in the Customer and Agent portals, but for admin, I really don't need it.

Any help would be appreciated.

Thanks.

LFCII · **Joined:** Tue Aug 19, 2008 3:49 pm **Posts:** 184

Hi,

Look for the code with comments // Control Session Time in admin.defines.php. This might be were this timeout can be adjusted.

Please comment if this works for you.

Kind Regards,

Les

sergiocesar · **Joined:** Thu Dec 03, 2009 11:18 am **Posts:** 62

here is the code:
// Control Session Time
if (isset($_SESSION['startTime'])) {
$timeDiff = time() - $_SESSION['startTime'];

//destroy session
if ($timeDiff > 3600) { // 60 minutes
//echo "You've been logged in too long. ($timeDiff)";
$_SESSION = array();
session_destroy();
setcookie('PHPSESSID', '', time()-3600, '/', '', 0,0);
}
} else {
$_SESSION['startTime'] = time();
}

I am not a programmer but it looks to me that this just destroy your session regardless in 1 hour.
actually it should reset the timer at any time IF it has not expired thus only expiring if it has been idle for 1 hour.
I dont have a test box and dont want to mess with something I dont fully understand. it seems to me that if we do this it may work???

// Control Session Time
if (isset($_SESSION['startTime'])) {
$timeDiff = time() - $_SESSION['startTime'];

//destroy session
if ($timeDiff > 3600) { // 60 minutes
//echo "You've been logged in too long. ($timeDiff)";
$_SESSION = array();
session_destroy();
setcookie('PHPSESSID', '', time()-3600, '/', '', 0,0);
}
// reset to zero if we still working..... next 3 lines
else{
$_SESSION['startTime'] = time();
}
} else {
$_SESSION['startTime'] = time();
}

if some smart programmer out there can comment!!!!

RobinA · **Posted:** Sat Jan 02, 2010 3:33 pm

Les,

Thanks you for that feedback. The session timeout was set for 3600 seconds. I changed it to a higher number and it works just fine.

Rob.

LFCII · **Joined:** Tue Aug 19, 2008 3:49 pm **Posts:** 184

sergiocesar wrote:

here is the code:
// Control Session Time
if (isset($_SESSION['startTime'])) {
$timeDiff = time() - $_SESSION['startTime'];

//destroy session
if ($timeDiff > 3600) { // 60 minutes
//echo "You've been logged in too long. ($timeDiff)";
$_SESSION = array();
session_destroy();
setcookie('PHPSESSID', '', time()-3600, '/', '', 0,0);
}
} else {
$_SESSION['startTime'] = time();
}

I am not a programmer but it looks to me that this just destroy your session regardless in 1 hour.
actually it should reset the timer at any time IF it has not expired thus only expiring if it has been idle for 1 hour.
I dont have a test box and dont want to mess with something I dont fully understand. it seems to me that if we do this it may work???

// Control Session Time
if (isset($_SESSION['startTime'])) {
$timeDiff = time() - $_SESSION['startTime'];

//destroy session
if ($timeDiff > 3600) { // 60 minutes
//echo "You've been logged in too long. ($timeDiff)";
$_SESSION = array();
session_destroy();
setcookie('PHPSESSID', '', time()-3600, '/', '', 0,0);
}
// reset to zero if we still working..... next 3 lines
else{
$_SESSION['startTime'] = time();
}
} else {
$_SESSION['startTime'] = time();
}

if some smart programmer out there can comment!!!!

Did anyone try this code yet to see if it will work.

Kind Regards,

Les

provided by Star2Billing S.L.

session timeout

Who is online