papai Posted August 27, 2008 Share Posted August 27, 2008 After I login into Back Office, my working session last until I click on logout button. That mean, if I login and close or turn off my computer, my account still verified in cookie and I still use Back office without having ti login again.I would recommend that we set our session is ended after an amount of time that we don't use the Back Office of turn off computer. That may make Back Office safer and more security. Link to comment Share on other sites More sharing options...
bramp Posted August 28, 2008 Share Posted August 28, 2008 This is a useful feature, and one I requested for the front office.You can set the timeout of the cookie to last the lenght of the browser session by doing the following:Change line 50 of classes\Cookie.php from: $this->_expire = isset($expire) ? intval($expire) : (time() + 1728000); to $this->_expire = isset($expire) ? intval($expire) : 0; Now this should set the default expire time to zero, which will cause the cookie for the front and back offices to expire when the user closes the browser.To change it for just the back office is a little harder as you need to modify 1 or 2 lines in about 10 files, or do a nasty hack in Cookie. Link to comment Share on other sites More sharing options...
Madrilene Posted September 28, 2008 Share Posted September 28, 2008 hi brampthank you for the line code, it works perfectly except the fact that if the windows appears (with IE7) in a new "tab" then if you only close the shop tab, and reopen in the same window, the client is still logged (that's logical because the windows itself has not been closed), but it would be nice if the cookie could dissapear also when only the tab is shut down.... Link to comment Share on other sites More sharing options...
bramp Posted September 28, 2008 Share Posted September 28, 2008 Unfortunately we can't control when the browser deletes the cookie, so you will have to live with IE7 not deleting it until the window is closed. Perhaps try Google Chrome as that ensure each tab is separated from the others. Link to comment Share on other sites More sharing options...
Madrilene Posted September 28, 2008 Share Posted September 28, 2008 Ok thanksi 'm happy even with this minor trouble ;-) Link to comment Share on other sites More sharing options...
vline Posted November 6, 2008 Share Posted November 6, 2008 How do you set the cookie to logout due to inactivity? So far, you're describing one of 2 scenarios:1. [$this->_expire = isset($expire) ? intval($expire) : (time() + 1728000); ] is set to expire in 20 days.2. [$this->_expire = isset($expire) ? intval($expire) : 0;] is set to expire when you close the browser out which closes the session.If you set the cookie to expire in say 10 minutes or 600 seconds, it'll expire whether or not there's activity. How do you refresh or reset the cookie time to authenticate you within the session if you're still actively navigating it? Link to comment Share on other sites More sharing options...
Recommended Posts