Home General support

set cookie time out

michaelsam Member
in General support
when does the cookie for login expire ?
how to change the timeout only for one visit till i close the browser ?

i tried to delete in auth_zp.php on line 45 to delete "time()+COOKIE_PESISTENCE," and also line 25 to 27 which says "time() <= ($req + (3 * 24 * 60 * 60))" but when i closed the browser window, i didn't have to login at next visit.

Comments

  • sbillard Member
    Did you notice `COOKIE_PESISTENCE` in the line you quote above? That would be the expiration time. Of course if you do not store the cookie you will not be logged in. What did you expect?
  • michaelsam Member
    i want, that my users have each browser start to login again.
    yes i noticed that, that was the reason why i deleted that, cause i read somewhere when you define there nothing it will expire when you close the browser.
  • michaelsam Member
    i forgot to write, that i activated galleryguest user login. is this saved to the database ?
  • sbillard Member
    If you define nothing there, the cookie will expire with the script execution--not very useful since each page is a new script execution. If you want each browser to start with a logon, set the album_session option.

    All user/passwords are saved in the database.
  • michaelsam Member
    do you mean gallery_sessions ? - i think that only works if you have setted a password to an album and not a guestuserlogin password - i tried it - it didn't work for the galleryguestuser login
  • michaelsam Member
    you know, in the moment, i can't set anything in my album :) and i don't want to, cause i want only to protect the gallery. i'ld set that in htaccess, but i'm sure zenphoto can handle this like i want it to, cause it works with the adminlogin too.
  • sbillard Member
    Yes, it is the Enable Gallery Sessions option (The option name in the database is `album_sessions`) If it is not working there is something wrong on your server with sessions. The option is entirely contained in the cookie handling so it is not possible for it to work for one kind of cookie and not for another. Besides, all the option does is prevent the cookie from being stored so that only the session is used.
Sign In or Register to comment.