LGF Login Notes 5
Charles Johnson
Fri Apr 13, 2007 at 11:34 am PDT • Views: 212
The login system is working very well, but we’ve had a problem with login sessions timing out too rapidly. By modifying the source code to the PEAR HTTP_Session module, I believe I’ve finally put a stake through this bug’s heart. I wasn’t using the problematic “idle” setting, so now it’s simply set to the same value as the expiration time. This should result in a nice predictable 6-hour session timeout, as intended.
I know it’s working for shorter test periods, so we’ll see how it behaves in the LGF jungle.
UPDATE at 4/13/07 11:53:00 am:
Again I remind our readers that you must have cookies enabled in your browser to log in sucessfully.
UPDATE at 4/13/07 1:02:59 pm:
Stinky told me to check out the garbage collection settings (he’s the expert on that), and sure enough the gc_maxlifetime variable was set to … 24 minutes. Which would explain an awful heck of a lot. It’s now set to 6 hours, like the session expiration time. Dare I hope I’ve killed the bug?
(I also restored the original HTTP_Session source code.)
Frank says: