diff options
| -rw-r--r-- | config.php-dist | 6 | ||||
| -rw-r--r-- | include/sanity_check.php | 8 | ||||
| -rw-r--r-- | include/sanity_config.php | 4 | ||||
| -rw-r--r-- | include/sessions.php | 4 |
4 files changed, 6 insertions, 16 deletions
diff --git a/config.php-dist b/config.php-dist index 3e67a2487..1bb47d814 100644 --- a/config.php-dist +++ b/config.php-dist @@ -130,10 +130,8 @@ // 0 means cookie will be deleted when browser closes. // Setting this to zero will affect several user preferences // like widescreen mode not saving and disable "remember me". - - define('SESSION_EXPIRE_TIME', 86400*30); - // Hard expiration limit for sessions. Should be - // greater or equal to SESSION_COOKIE_LIFETIME + // Note that if remember me is not checked, session cookie + // will always expire with browser session. define('SESSION_CHECK_ADDRESS', 1); // Check client IP address when validating session: diff --git a/include/sanity_check.php b/include/sanity_check.php index 46e9e9d80..b2cb8ab45 100644 --- a/include/sanity_check.php +++ b/include/sanity_check.php @@ -56,14 +56,6 @@ } } - if (SESSION_EXPIRE_TIME < 60) { - array_push($errors, "SESSION_EXPIRE_TIME set in config.php is too low, please set it to an integer value >= 60"); - } - - if (SESSION_EXPIRE_TIME < SESSION_COOKIE_LIFETIME) { - array_push($errors, "SESSION_EXPIRE_TIME set in config.php should be >= to SESSION_COOKIE_LIFETIME"); - } - if (SINGLE_USER_MODE) { $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); diff --git a/include/sanity_config.php b/include/sanity_config.php index 80be1434e..9b28e46af 100644 --- a/include/sanity_config.php +++ b/include/sanity_config.php @@ -1,3 +1,3 @@ -<?php # This file has been generated at: Sat Feb 9 22:34:30 MSK 2013 +<?php # This file has been generated at: Thu Mar 28 10:05:39 MSK 2013 define('GENERATED_CONFIG_CHECK', 26); -$requred_defines = array( 'DB_TYPE', 'DB_HOST', 'DB_USER', 'DB_NAME', 'DB_PASS', 'MYSQL_CHARSET', 'SELF_URL_PATH', 'SINGLE_USER_MODE', 'SIMPLE_UPDATE_MODE', 'PHP_EXECUTABLE', 'LOCK_DIRECTORY', 'CACHE_DIR', 'ICONS_DIR', 'ICONS_URL', 'AUTH_AUTO_CREATE', 'AUTH_AUTO_LOGIN', 'FORCE_ARTICLE_PURGE', 'PUBSUBHUBBUB_HUB', 'PUBSUBHUBBUB_ENABLED', 'SPHINX_ENABLED', 'SPHINX_INDEX', 'ENABLE_REGISTRATION', 'REG_NOTIFY_ADDRESS', 'REG_MAX_USERS', 'SESSION_COOKIE_LIFETIME', 'SESSION_EXPIRE_TIME', 'SESSION_CHECK_ADDRESS', 'SMTP_FROM_NAME', 'SMTP_FROM_ADDRESS', 'DIGEST_SUBJECT', 'SMTP_HOST', 'SMTP_PORT', 'SMTP_LOGIN', 'SMTP_PASSWORD', 'CHECK_FOR_NEW_VERSION', 'ENABLE_GZIP_OUTPUT', 'PLUGINS', 'CONFIG_VERSION'); ?> +$requred_defines = array( 'DB_TYPE', 'DB_HOST', 'DB_USER', 'DB_NAME', 'DB_PASS', 'MYSQL_CHARSET', 'SELF_URL_PATH', 'SINGLE_USER_MODE', 'SIMPLE_UPDATE_MODE', 'PHP_EXECUTABLE', 'LOCK_DIRECTORY', 'CACHE_DIR', 'ICONS_DIR', 'ICONS_URL', 'AUTH_AUTO_CREATE', 'AUTH_AUTO_LOGIN', 'FORCE_ARTICLE_PURGE', 'PUBSUBHUBBUB_HUB', 'PUBSUBHUBBUB_ENABLED', 'SPHINX_ENABLED', 'SPHINX_INDEX', 'ENABLE_REGISTRATION', 'REG_NOTIFY_ADDRESS', 'REG_MAX_USERS', 'SESSION_COOKIE_LIFETIME', 'SESSION_CHECK_ADDRESS', 'SMTP_FROM_NAME', 'SMTP_FROM_ADDRESS', 'DIGEST_SUBJECT', 'SMTP_HOST', 'SMTP_PORT', 'SMTP_LOGIN', 'SMTP_PASSWORD', 'CHECK_FOR_NEW_VERSION', 'ENABLE_GZIP_OUTPUT', 'PLUGINS', 'CONFIG_VERSION'); ?> diff --git a/include/sessions.php b/include/sessions.php index 7ea319e36..23c19441e 100644 --- a/include/sessions.php +++ b/include/sessions.php @@ -4,7 +4,7 @@ require_once "config.php"; require_once "db.php"; - $session_expire = SESSION_EXPIRE_TIME; //seconds + $session_expire = max(SESSION_COOKIE_LIFETIME, 86400); $session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid" : TTRSS_SESSION_NAME; if (@$_SERVER['HTTPS'] == "on") { @@ -15,7 +15,7 @@ ini_set("session.gc_probability", 50); ini_set("session.name", $session_name); ini_set("session.use_only_cookies", true); - ini_set("session.gc_maxlifetime", SESSION_EXPIRE_TIME); + ini_set("session.gc_maxlifetime", $session_expire); function ttrss_open ($s, $n) { |