Mahara not respecting session lifetime setting from admin config page
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Mahara |
Fix Released
|
High
|
Aaron Wells | ||
15.04 |
Fix Released
|
High
|
Aaron Wells | ||
15.10 |
Fix Released
|
High
|
Aaron Wells | ||
16.04 |
Fix Released
|
High
|
Aaron Wells | ||
16.10 |
Fix Released
|
High
|
Aaron Wells |
Bug Description
It seems that after the last round of session fixing bugs, Mahara no longer respects the session lifetime setting that the admin can set on the site configuration page.
This setting is stored in the database config table as "session_timeout". It's then retrieved from the database during session setup, and loaded into the "session.
The problem is, we are now initiating the session *before* we launch the database connection. So when we are setting session.
The quick workaround is to add your session_timeout setting to your config.php:
$cfg->session_
Changed in mahara: | |
milestone: | 16.10.0 → none |
status: | Fix Committed → Fix Released |
This bug is probably more noticeable if you're using the memcache session handler rather than the default (filesystem) session handler. I think the memcache session handler uses session. gc_maxlifetime as the hard expiration date for sessions; whereas in the default filesystem session handler they may stick around until the garbage handler runs.