Menu

#1118 (ok 3.2.0) LoginCookieValidity may clash with gc_maxlifetime

fixed
Michal Čihař
Configuration (81)
1
2013-06-11
2008-09-25
Thijs Kinkhorst
No

Hi,

A Debian user reported that increasing LoginCookieValidity did not work for him. It turned out that his PHP's session.gc_maxlifetime setting got in the way and was shorter than this timeout, so the session got garbage collected earlier.

I think it should be documented at this option that the user needs to ensure that PHP's session.gc_maxlifetime is greater than the value of LoginCookieValidity.

I don't think it's necessary to fiddle with session.gc_maxlifetime as phpMyAdmin as this may adversely affect other applications running on the same host.

Discussion

  • Marc Delisle

    Marc Delisle - 2008-10-04

    Yes we can document it, but why not add a warning on the main page when this happens? Not everyone reads the doc...

     

  • Michal Čihař

    Michal Čihař - 2008-11-30
    • assigned_to: nobody --> nijel
     

  • Michal Čihař

    Michal Čihař - 2008-11-30

    I added to documentation, implemented check for this situation in main.php and adjusted default SessionValidity to be same as default for session.gc_maxlifetime.

     

  • Michal Čihař

    Michal Čihař - 2008-11-30
    • priority: 5 --> 1
    • summary: LoginCookieValidity may clash with session.gc_maxlifetime --> (ok 3.2.0) LoginCookieValidity may clash with gc_maxlifetime
     

  • Marc Delisle

    Marc Delisle - 2009-06-15
    • status: open --> closed
     

  • Michal Čihař

    Michal Čihař - 2013-06-11
    • Status: closed --> fixed