Not Solved [How To?] admin cp session
#1
Not Solved
hey there,

i'd like to know how i disable OR extend the admin cp session for mybb 1.8.
So e.g. i login into admin cp and then i won't be logged out ever (unless i clear cookies/use logout) OR for like 1 day.


Thanks.
Reply
#2
Not Solved
In admin/index.php, edit line 290 to:
my_setcookie("adminsid", $sid, (60*60*24*365*20), true);

Not tested but that's where the admin login cookie is set, and that line should set the "adminsid" cookie to last for 20 years. The default is one year however, which really should be enough. Is it logging you out more frequently than that if you don't manually logout/clear cookies?
My Plugins: [1.8]|[1.6]

** Selling custom plugin that enables Bitcoin payments. PM me if interested in purchasing! **
Reply
#3
Not Solved
Default is on year? Its usually like 30min.

Also its line 274, idk if it worked, will see and update this later, but thank you! Smile
Reply
#4
Not Solved
It's not the cookie timeout that's the issue, the line you want is this:

if($admin_session['lastactive'] < TIME_NOW-7200)

This is set to 2 hours, this is what will log you out after 2 hours of inactivity.
MyReactions - All Plugins

Can you still feel the butterflies?

Free never tasted like pudding.
Reply
#5
Not Solved
(2016-12-15, 12:35 PM)Matt Wrote: It's not the cookie timeout that's the issue, the line you want is this:

if($admin_session['lastactive'] < TIME_NOW-7200)

This is set to 2 hours, this is what will log you out after 2 hours of inactivity.

Thanks, i just did 7200*7200. Lets see if it works. C:
Reply
#6
Not Solved
(2016-12-15, 01:07 PM)thelovelyone Wrote: Thanks, i just did 7200*7200. Lets see if it works. C:

I believe this is a safety feature. Its a pain on your end but it keeps it all the more safer. 
>>> 7200/60/60
2.0
>>> 7200*7200/60/60
14400.0
Reply
#7
Not Solved
(2016-12-15, 01:28 PM)metulburr Wrote:
(2016-12-15, 01:07 PM)thelovelyone Wrote: Thanks, i just did 7200*7200. Lets see if it works. C:

I believe this is a safety feature. Its a pain on your end but it keeps it all the more safer. 
>>> 7200/60/60
2.0
>>> 7200*7200/60/60
14400.0

How does it keep me more safe? Just wondering.
Reply
#8
Not Solved
So that if someone else gets access to the machine you're using, they won't have access to your account after more than 2 hours since you left it; Think, public computers, libraries, internet cafes etc. It's pretty standard for login sessions to expire, internet banking will log you out after about 15 minutes of no activity.
MyReactions - All Plugins

Can you still feel the butterflies?

Free never tasted like pudding.
Reply
#9
Not Solved
If someone hacks your local computer, you are at least not auto logged into your ACP of your server. You would basically be handing them access to your server with access to your local computer. If someones packet sniffing and your on your phone/tablet/laptop using a wifi, there is less chance of obtaining access to your ACP if your logged out automatically. 

Theres always a way to hack in, but there is no reason to give them an unlocked door to get in.
Reply
#10
Not Solved
Oh well ok, the probability is less, but i will do like 6 hours then.
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)