Steve P
|
|
« on: June 04, 2009, 09:44:10 am » |
|
I have found that I have to log in to the blog pretty much every time I want to log miles. This was a small annoyance before, but now that comments require a login, it has become more of an obstacle. I'm assuming this in place as a "security" measure for people who use public computers, but in my opinion, the annoyance factor is much greater than the potential (though probably miniscule) security benefits. Personally, I'm not worried about someone hacking into my account and adding more miles than I actually did or something like that. Maybe others are. As an alternative, I would suggest a checkbox on the login for people to indicate whether they are at a public computer. If so, then they could be logged out after an hour or so. If not, they could stay logged in for a couple weeks (as in email services like GMail and Yahoo Mail). Or maybe there's some way around this that I'm not noticing?
|
|
« Last Edit: June 04, 2009, 09:55:44 am by Steve P »
|
Logged
|
|
|
|
Paul Petersen
|
|
« Reply #1 on: June 04, 2009, 10:37:54 am » |
|
I second that. A "stay logged in" checkbox would be great. Right now the login expires when the browser session is finished. Rather annoying for those that are used to Facebook, yahoo/google mail, and other apps.
|
|
|
Logged
|
|
|
|
Sasha Pachev
|
|
« Reply #2 on: June 04, 2009, 01:05:59 pm » |
|
It is a bug of some kind. For some reason sessions keep expiring after about 15 minutes. I have no clue why. It is very difficult to investigate because each try takes 15 minutes to know if you got the fix right, and at this point I do not even know where to start. I have checked the cookies that come to the browser and they are set to never expire. Possibly PHP session manager itself is losing the sessions, even though I thought I told it to not expire them. One idea is to try a custom session handler, that might do it. Will give it a try when I have a moment.
|
|
|
Logged
|
|
|
|
Steve P
|
|
« Reply #3 on: June 04, 2009, 01:09:44 pm » |
|
I'm don't know much about PHP, but I found a couple pages that say this type of thing was a bug in earlier (<=2.2) versions of PHP. http://bugs.php.net/bug.php?id=43226Not sure what version you're using, but that might be a potential cause.
|
|
|
Logged
|
|
|
|
Steve P
|
|
« Reply #4 on: June 04, 2009, 01:11:42 pm » |
|
Actually, as I read that page closer, it may not be what I thought it was. They're saying it could be something with the proxy, but I'm not sure what they mean by that.
|
|
|
Logged
|
|
|
|
Sasha Pachev
|
|
« Reply #5 on: June 04, 2009, 02:22:36 pm » |
|
After some RTFM (Read The Fine Manual) on how PHP sessions work I figured it out, I think. Setting session.gc_maxlifetime is meaningless after session_start() (which is what I was doing) , and is useless anyway for a number of reasons, especially on Ubuntu with default setup because on Ubuntu sessions are garbage collected from a cron but the value does come from php.ini. So I upped the session.gc_maxlifetime to 100 hours, let's see if that solves the problem. Report here if it does or not.
|
|
|
Logged
|
|
|
|
Steve P
|
|
« Reply #6 on: June 05, 2009, 12:22:30 am » |
|
I'm afraid to say it doesn't appear to be working for me still. If I log in, then close Firefox, then restart Firefox, then browse to http://stevep.fastrunningblog.com, it asks me to log in and doesn't have a link to my calendar. Do I need to go to a more precise URL? I'm sure you thought of this, but maybe the Web server needs to be restarted for the changes to take effect?
|
|
|
Logged
|
|
|
|
Sasha Pachev
|
|
« Reply #7 on: June 06, 2009, 04:18:47 pm » |
|
For this change the web server restart has no effect because the session garbage collection is done by a cron job outside the server.
If you restart the browser it loses the cookie unless you tell it to keep the cookies until they expire. What is the setting in Firefox under Edit->Preferences then look under Cookies Keep Unitl?
|
|
|
Logged
|
|
|
|
Steve P
|
|
« Reply #8 on: June 08, 2009, 12:05:44 pm » |
|
I'm using Firefox 3.0.10, so the Cookie settings were in a slightly different place than you mentioned. But it is (and has been) set to keep the cookies until they expire.
I have noticed that the cookies have been staying longer (more than a few hours), so it may be working better now, so I'll have to keep an eye on it.
|
|
|
Logged
|
|
|
|
Sasha Pachev
|
|
« Reply #9 on: June 08, 2009, 03:25:45 pm » |
|
They are set to time out after 60 hours.
|
|
|
Logged
|
|
|
|
Steve P
|
|
« Reply #10 on: June 09, 2009, 10:40:35 am » |
|
Seems to be working for me now both in Firefox and Google Chrome. My preference would be for the cookies to last for 1-2 weeks rather than 2.5 days (60 hours) for the reasons stated above.
|
|
|
Logged
|
|
|
|
Steve P
|
|
« Reply #11 on: October 06, 2009, 09:46:17 pm » |
|
My login seems to be expiring after a few hours again. I am using a new computer, so it might have something to do with that. But I have cookies enabled, and the configuration is the same as what I had on my old computer (Windows XP, Google Chrome).
|
|
|
Logged
|
|
|
|
|