user session to expire after an hour

12 posts by 3 authors in: Forums > CMS Builder
Last Post: April 26, 2010   (RSS)

By concrete - April 14, 2010

need a way to expire the user session after an hour.

Re: [concrete] user session to expire after an hour

By Jason - April 15, 2010

Hi,

Try this just before you create your session variable:
ini_set('session.gc.maxlifetime',3600);

This will set the sessions maximum lifetime to 1 hour (3600 seconds)

Hope this helps.
---------------------------------------------------
Jason Sauchuk - Project Manager
interactivetools.com

Hire me! Save time by getting our experts to help with your project.
http://www.interactivetools.com/consulting/

Re: [Jason] user session to expire after an hour

By concrete - April 15, 2010

Actually referring to the cmsb admin. My client doesn't want user to remain logged in after a user has ended there session by closing the browser or if the session has been active longer than one hour.

Currently cmsb stores a cookies that keeps users logged in until they log out.

Re: [concrete] user session to expire after an hour

By Jason - April 15, 2010

In the cmsAdmin folder, there is a file called php.ini

You can set session.gc_maxlifetime there as well.

Hope this helps.
---------------------------------------------------
Jason Sauchuk - Project Manager
interactivetools.com

Hire me! Save time by getting our experts to help with your project.
http://www.interactivetools.com/consulting/

Re: [Jason] user session to expire after an hour

By concrete - April 15, 2010

Will this also prevent the system from automatically logging in a user when they return

Re: [Jason] user session to expire after an hour

By concrete - April 24, 2010

There is no php.ini file in the cmsAdmin folder. Please advise

Re: [concrete] user session to expire after an hour

By Jason - April 26, 2010

Hi,

php.ini is not part of CMS Builder, but is part of your web server. If you open your CMS Builder and go to your "General Settings" page, down at the bottom is an area called "Server Info". You should see a link there that says "phpinfo".

If you click on that, you'll be brought to a page giving you all the PHP information for your server. You'll see a section called "Loaded Configuration File". This will tell you the path of where your php.ini file is located on the server. This might help point you in the right direction.

Some hosting services don't allow you access to php.ini. If you can't find the file, you can contact your hosting service to either give you access, or perhaps make the change for you.

Hope this helps.
---------------------------------------------------
Jason Sauchuk - Project Manager
interactivetools.com

Hire me! Save time by getting our experts to help with your project.
http://www.interactivetools.com/consulting/

Re: [concrete] user session to expire after an hour

By Dave - April 26, 2010

Hi concrete,

The short answer is that this isn't supported by CMSB.

But if you are comfortable editing the code you can try editing cmsAdmin/lib/init.php (make a backup first) and changing this value:

ini_set('session.cookie_lifetime', 60*60*24 ); // cookies are removed after this many seconds of inactiity (set to 0 for session only)

If you change the 24 to a 1 you'll get sessions that expire after 1 hour, or if you replace 60*60*24 with 0 you'll get sessions that expire when the browser is closed.

Note that if/when you upgrade this change will get overwritten, so if you make custom code changes we recommend creating a file called cmsAdmin/CUSTOM_CODE_CHANGES.txt and recording what you changed so it's easy to re-do later after upgrading.

Hope that helps!
Dave Edis - Senior Developer
interactivetools.com

Re: [Dave] user session to expire after an hour

By concrete - April 26, 2010

Hi Dave This solution didn't seem to work. I tried closing the browser window. When i go back to the admin it still logs me in.