remove SESSION_EXPIRE_TIME

xpbtmusic · Mar 28, 2013 · 6cfd3c1 · 6cfd3c1
1 parent f231f43
commit 6cfd3c1
Show file tree

Hide file tree

Showing 4 changed files with 6 additions and 16 deletions.
diff --git a/config.php-dist b/config.php-dist
@@ -130,10 +130,8 @@
 	// 0 means cookie will be deleted when browser closes.
 	// Setting this to zero will affect several user preferences
 	// like widescreen mode not saving and disable "remember me".
-
-	define('SESSION_EXPIRE_TIME', 86400*30);
-	// Hard expiration limit for sessions. Should be
-	// greater or equal to SESSION_COOKIE_LIFETIME
+	// Note that if remember me is not checked, session cookie
+	// will always expire with browser session.
 
 	define('SESSION_CHECK_ADDRESS', 1);
 	// Check client IP address when validating session:

diff --git a/include/sanity_check.php b/include/sanity_check.php
@@ -56,14 +56,6 @@ function initial_sanity_check($link) {
 				}
 			}
 
-			if (SESSION_EXPIRE_TIME < 60) {
-				array_push($errors, "SESSION_EXPIRE_TIME set in config.php is too low, please set it to an integer value >= 60");
-			}
-
-			if (SESSION_EXPIRE_TIME < SESSION_COOKIE_LIFETIME) {
-				array_push($errors, "SESSION_EXPIRE_TIME set in config.php should be >= to SESSION_COOKIE_LIFETIME");
-			}
-
 			if (SINGLE_USER_MODE) {
 				$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
 

diff --git a/include/sanity_config.php b/include/sanity_config.php
@@ -1,3 +1,3 @@
-<?php # This file has been generated at:  Sat Feb 9 22:34:30 MSK 2013
+<?php # This file has been generated at:  Thu Mar 28 10:05:39 MSK 2013
 define('GENERATED_CONFIG_CHECK', 26);
-$requred_defines = array( 'DB_TYPE', 'DB_HOST', 'DB_USER', 'DB_NAME', 'DB_PASS', 'MYSQL_CHARSET', 'SELF_URL_PATH', 'SINGLE_USER_MODE', 'SIMPLE_UPDATE_MODE', 'PHP_EXECUTABLE', 'LOCK_DIRECTORY', 'CACHE_DIR', 'ICONS_DIR', 'ICONS_URL', 'AUTH_AUTO_CREATE', 'AUTH_AUTO_LOGIN', 'FORCE_ARTICLE_PURGE', 'PUBSUBHUBBUB_HUB', 'PUBSUBHUBBUB_ENABLED', 'SPHINX_ENABLED', 'SPHINX_INDEX', 'ENABLE_REGISTRATION', 'REG_NOTIFY_ADDRESS', 'REG_MAX_USERS', 'SESSION_COOKIE_LIFETIME', 'SESSION_EXPIRE_TIME', 'SESSION_CHECK_ADDRESS', 'SMTP_FROM_NAME', 'SMTP_FROM_ADDRESS', 'DIGEST_SUBJECT', 'SMTP_HOST', 'SMTP_PORT', 'SMTP_LOGIN', 'SMTP_PASSWORD', 'CHECK_FOR_NEW_VERSION', 'ENABLE_GZIP_OUTPUT', 'PLUGINS', 'CONFIG_VERSION'); ?>
+$requred_defines = array( 'DB_TYPE', 'DB_HOST', 'DB_USER', 'DB_NAME', 'DB_PASS', 'MYSQL_CHARSET', 'SELF_URL_PATH', 'SINGLE_USER_MODE', 'SIMPLE_UPDATE_MODE', 'PHP_EXECUTABLE', 'LOCK_DIRECTORY', 'CACHE_DIR', 'ICONS_DIR', 'ICONS_URL', 'AUTH_AUTO_CREATE', 'AUTH_AUTO_LOGIN', 'FORCE_ARTICLE_PURGE', 'PUBSUBHUBBUB_HUB', 'PUBSUBHUBBUB_ENABLED', 'SPHINX_ENABLED', 'SPHINX_INDEX', 'ENABLE_REGISTRATION', 'REG_NOTIFY_ADDRESS', 'REG_MAX_USERS', 'SESSION_COOKIE_LIFETIME', 'SESSION_CHECK_ADDRESS', 'SMTP_FROM_NAME', 'SMTP_FROM_ADDRESS', 'DIGEST_SUBJECT', 'SMTP_HOST', 'SMTP_PORT', 'SMTP_LOGIN', 'SMTP_PASSWORD', 'CHECK_FOR_NEW_VERSION', 'ENABLE_GZIP_OUTPUT', 'PLUGINS', 'CONFIG_VERSION'); ?>
diff --git a/include/sessions.php b/include/sessions.php
@@ -4,7 +4,7 @@
 	require_once "config.php";
 	require_once "db.php";
 
-	$session_expire = SESSION_EXPIRE_TIME; //seconds
+	$session_expire = max(SESSION_COOKIE_LIFETIME, 86400);
 	$session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid" : TTRSS_SESSION_NAME;
 
 	if (@$_SERVER['HTTPS'] == "on") {
@@ -15,7 +15,7 @@
 	ini_set("session.gc_probability", 50);
 	ini_set("session.name", $session_name);
 	ini_set("session.use_only_cookies", true);
-	ini_set("session.gc_maxlifetime", SESSION_EXPIRE_TIME);
+	ini_set("session.gc_maxlifetime", $session_expire);
 
 	function ttrss_open ($s, $n) {