MyBB Community Forums

MyBB Community Forums > 1.8 Support > General Support > admin cp session
Full Version: admin cp session
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2

thelovelyone

2016-12-14, 04:53 PM
hey there,

i'd like to know how i disable OR extend the admin cp session for mybb 1.8.
So e.g. i login into admin cp and then i won't be logged out ever (unless i clear cookies/use logout) OR for like 1 day.


Thanks.

fizz

2016-12-15, 06:27 AM
In admin/index.php, edit line 290 to:
my_setcookie("adminsid", $sid, (60*60*24*365*20), true);

Not tested but that's where the admin login cookie is set, and that line should set the "adminsid" cookie to last for 20 years. The default is one year however, which really should be enough. Is it logging you out more frequently than that if you don't manually logout/clear cookies?

thelovelyone

2016-12-15, 12:20 PM
Default is on year? Its usually like 30min.

Also its line 274, idk if it worked, will see and update this later, but thank you! Smile

Matt

2016-12-15, 12:35 PM
It's not the cookie timeout that's the issue, the line you want is this:

if($admin_session['lastactive'] < TIME_NOW-7200)

This is set to 2 hours, this is what will log you out after 2 hours of inactivity.

thelovelyone

2016-12-15, 01:07 PM
(2016-12-15, 12:35 PM)Matt Wrote: [ -> ]It's not the cookie timeout that's the issue, the line you want is this:

if($admin_session['lastactive'] < TIME_NOW-7200)

This is set to 2 hours, this is what will log you out after 2 hours of inactivity.

Thanks, i just did 7200*7200. Lets see if it works. C:

metulburr

2016-12-15, 01:28 PM
(2016-12-15, 01:07 PM)thelovelyone Wrote: [ -> ]Thanks, i just did 7200*7200. Lets see if it works. C:

I believe this is a safety feature. Its a pain on your end but it keeps it all the more safer. 
>>> 7200/60/60
2.0
>>> 7200*7200/60/60
14400.0

thelovelyone

2016-12-15, 04:51 PM
(2016-12-15, 01:28 PM)metulburr Wrote: [ -> ]
(2016-12-15, 01:07 PM)thelovelyone Wrote: [ -> ]Thanks, i just did 7200*7200. Lets see if it works. C:

I believe this is a safety feature. Its a pain on your end but it keeps it all the more safer. 
>>> 7200/60/60
2.0
>>> 7200*7200/60/60
14400.0

How does it keep me more safe? Just wondering.

Matt

2016-12-15, 05:01 PM
So that if someone else gets access to the machine you're using, they won't have access to your account after more than 2 hours since you left it; Think, public computers, libraries, internet cafes etc. It's pretty standard for login sessions to expire, internet banking will log you out after about 15 minutes of no activity.

metulburr

2016-12-16, 05:15 AM
If someone hacks your local computer, you are at least not auto logged into your ACP of your server. You would basically be handing them access to your server with access to your local computer. If someones packet sniffing and your on your phone/tablet/laptop using a wifi, there is less chance of obtaining access to your ACP if your logged out automatically. 

Theres always a way to hack in, but there is no reason to give them an unlocked door to get in.

thelovelyone

2016-12-16, 09:02 AM
Oh well ok, the probability is less, but i will do like 6 hours then.
Pages: 1 2
MyBB Community Forums > 1.8 Support > General Support > admin cp session