From efdd1a3ffccc192f08b0fad4112b9eb5789dae01 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Mon, 28 Jul 2014 05:20:02 -0400
Subject: [PATCH] Fixed: FS#3556 - Der in Session-Timeout eingegebene Wert wird nicht durch Aktivität verlängert

---
 interface/lib/app.inc.php |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/interface/lib/app.inc.php b/interface/lib/app.inc.php
index 1d80b8a..8832f45 100755
--- a/interface/lib/app.inc.php
+++ b/interface/lib/app.inc.php
@@ -78,16 +78,16 @@
 					$tmp = $this->ini_parser->parse_ini_string(stripslashes($tmp['config']));
 					if(!isset($tmp['misc']['session_allow_endless']) || $tmp['misc']['session_allow_endless'] != 'y') {
 						$this->session->set_timeout($sess_timeout);
-						session_set_cookie_params(($sess_timeout * 60) + 300); // make the cookie live 5 minutes longer
+						session_set_cookie_params(3600 * 24 * 365); // cookie timeout is never updated, so it must not be short
 					} else {
 						// we are doing login here, so we need to set the session data
 						$this->session->set_permanent(true);
 						$this->session->set_timeout(365 * 24 * 3600); // one year
-						session_set_cookie_params(365 * 24 * 3600); // make the cookie live 5 minutes longer
+						session_set_cookie_params(3600 * 24 * 365); // cookie timeout is never updated, so it must not be short
 					}
 				} else {
 					$this->session->set_timeout($sess_timeout);
-					session_set_cookie_params(($sess_timeout * 60) + 300); // make the cookie live 5 minutes longer
+					session_set_cookie_params(3600 * 24 * 365); // cookie timeout is never updated, so it must not be short
 				}
 			} else {
 				session_set_cookie_params(0); // until browser is closed

--
Gitblit v1.9.1