diff options
| author | Ermal <eri@pfsense.org> | 2010-04-27 14:07:48 +0000 |
|---|---|---|
| committer | Ermal <eri@pfsense.org> | 2010-04-27 14:07:48 +0000 |
| commit | 02647583e94b630d6962095347ec219a57d5d48b (patch) | |
| tree | 88de3731a5af19352a3e0a5a735f67303d30b3f8 /etc/inc/auth.inc | |
| parent | a1cab2c7ebe77e83cb091712c18ae8267bdfe1e4 (diff) | |
| download | pfsense-02647583e94b630d6962095347ec219a57d5d48b.zip pfsense-02647583e94b630d6962095347ec219a57d5d48b.tar.gz | |
Ticket #378. Correctly handle a timeout of 0 to mean never timeout.
Diffstat (limited to 'etc/inc/auth.inc')
| -rw-r--r-- | etc/inc/auth.inc | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index c1a9ba5..44d8a5c 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -1106,13 +1106,17 @@ function session_auth() { return false; /* If session timeout isn't set, we don't mark sessions stale */ - if (empty($config['system']['webgui']['session_timeout'])) { + if (!isset($config['system']['webgui']['session_timeout'])) { /* Default to 4 hour timeout if one is not set */ if ($_SESSION['last_access'] < (time() - 14400)) { $_GET['logout'] = true; $_SESSION['Logout'] = true; } else $_SESSION['last_access'] = time(); + } else if (intval($config['system']['webgui']['session_timeout']) == 0) { + /* only update if it wasn't ajax */ + if (!isAjax()) + $_SESSION['last_access'] = time(); } else { /* Check for stale session */ if ($_SESSION['last_access'] < (time() - ($config['system']['webgui']['session_timeout'] * 60))) { |
