2022-08-20, 11:36 PM
Hello together,
I am a former IPB and Vanilla user, tried to get comfortable with phpBB and finally found myBB.
I just love most everything about myBB ... but one thing:
My member sessions constantly require me to login again, accessing the ACP requires me to login a second time and also constantly requires me to login again.
Partly that may come from be accessing the forum from several mobile devices with changing IP adresses.
I just don't want that.
My devices are all secure as it can get and personal, if I ever would use a different computer, I would make sure to logout.
I want to login once, also be able to constantly access the ACP without a second login and don't get logged out as member or admin ever, or at least not for one year.
The situation is nearly killing me.
To this goal, I tried to modify several parts of the forum's php files - me being Unix-experienced but I am not a php or web programmer at all.
Going to write what I did in the next posting.
I disabled the daily session cleanup:
FILE: ./inc/tasks/dailycleanup.php_ORIG
35c35
< $db->delete_query("sessions", "time < '".(int)$time['sessionstime']."'");
---
> //$db->delete_query("sessions", "time < '".(int)$time['sessionstime']."'");
I changed the expire variable in the "my_setcookie" function:
FILE: ./inc/functions.php_ORIG
2258,2269c2258,2264
< if($expires == -1)
< {
< $expires = 0;
< }
< elseif($expires == "" || $expires == null)
< {
< $expires = TIME_NOW + (60*60*24*365); // Make the cookie expire in a years time
< }
< else
< {
< $expires = TIME_NOW + (int)$expires;
< }
---
> if ($expire == -1 || $expire == 0 || $expire == "" || $expire == null)
> $expire = TIME_NOW + (60*60*24*365);
>
> if ($expire > time())
> $expire = TIME_NOW + (60*60*24*365);
I also changed the "mybbuser" cookie:
FILE: ./member.php_ORIG
397c397,398
< my_setcookie("mybbuser", $user_info['uid']."_".$user_info['loginkey'], null, true, "lax");
---
> my_setcookie("mybbuser", $user_info['uid']."_".$user_info['loginkey'], TIME_NOW+(60*60*24*365), true, "lax");
And finally, I removed the whole "Login key has changed - force logout" section from admin/index.php so that the user will not get unset, or deleted after 2 hours or if there is some IP network change (which I have all over the day).
But still, I get login windows over and over again.
On my iPad, closing Safari also requires me to login again (or is this an Apple problem???)
Also, even after login, I need to login a second time to access the ACP ... I do not yet have an idea how to change this. One login is enough for me, at least when the sessions expire.
What I am missing here?
Please :-)
How to get rid of the automatic logout?
I am a former IPB and Vanilla user, tried to get comfortable with phpBB and finally found myBB.
I just love most everything about myBB ... but one thing:
My member sessions constantly require me to login again, accessing the ACP requires me to login a second time and also constantly requires me to login again.
Partly that may come from be accessing the forum from several mobile devices with changing IP adresses.
I just don't want that.
My devices are all secure as it can get and personal, if I ever would use a different computer, I would make sure to logout.
I want to login once, also be able to constantly access the ACP without a second login and don't get logged out as member or admin ever, or at least not for one year.
The situation is nearly killing me.
To this goal, I tried to modify several parts of the forum's php files - me being Unix-experienced but I am not a php or web programmer at all.
Going to write what I did in the next posting.
I disabled the daily session cleanup:
FILE: ./inc/tasks/dailycleanup.php_ORIG
35c35
< $db->delete_query("sessions", "time < '".(int)$time['sessionstime']."'");
---
> //$db->delete_query("sessions", "time < '".(int)$time['sessionstime']."'");
I changed the expire variable in the "my_setcookie" function:
FILE: ./inc/functions.php_ORIG
2258,2269c2258,2264
< if($expires == -1)
< {
< $expires = 0;
< }
< elseif($expires == "" || $expires == null)
< {
< $expires = TIME_NOW + (60*60*24*365); // Make the cookie expire in a years time
< }
< else
< {
< $expires = TIME_NOW + (int)$expires;
< }
---
> if ($expire == -1 || $expire == 0 || $expire == "" || $expire == null)
> $expire = TIME_NOW + (60*60*24*365);
>
> if ($expire > time())
> $expire = TIME_NOW + (60*60*24*365);
I also changed the "mybbuser" cookie:
FILE: ./member.php_ORIG
397c397,398
< my_setcookie("mybbuser", $user_info['uid']."_".$user_info['loginkey'], null, true, "lax");
---
> my_setcookie("mybbuser", $user_info['uid']."_".$user_info['loginkey'], TIME_NOW+(60*60*24*365), true, "lax");
And finally, I removed the whole "Login key has changed - force logout" section from admin/index.php so that the user will not get unset, or deleted after 2 hours or if there is some IP network change (which I have all over the day).
But still, I get login windows over and over again.
On my iPad, closing Safari also requires me to login again (or is this an Apple problem???)
Also, even after login, I need to login a second time to access the ACP ... I do not yet have an idea how to change this. One login is enough for me, at least when the sessions expire.
What I am missing here?
Please :-)
How to get rid of the automatic logout?