No announcement yet.

Not retaining login (timeout) for some users

  • Filter
  • Time
  • Show
Clear All
new posts

  • Not retaining login (timeout) for some users

    This may belong in, but I cannot be sure. As a new install I'll take the liberty of cross-posting. Please and thank you.

    Cookie domains: blank
    Cookie path: /
    Cookie timeout: 900

    Cookies appear to be working well.
    I have disabled "remember me", as we are an adult site.
    So we are relying on the sessionhash cookie.

    Integration with photopost, vbadvanced, and old home-grown site also relying on sessionhash cookies. With possible exception of vbadvanced cmps, these are 'read-only' for cookies.

    I (dialup, static IP) never have a problem, I can stay on as long as the browser is open. Many others must also be ok or I'd be drowning in complaints.

    But some are definitely having a problem. The forum logs them out after a refresh or click to sub-forum, when they have not been on for a minute.

    I watched one fellow rack up four rows in the session table, each a different sessionhash. We notice his IP changing frequently. This particular person has the problem in extreme. We have eliminated user handle and browser as a source of the issue.

    (1) Just fishing here. Are there any known problems in this area? I see threads here but no resolution that works for us.

    (2) Is it normal for many session records for the same user to appear in the session table? Am I distracting myself with stuff that doesn't matter? How can the sessionhash cookies and vb_session.sessionhash field become so out of synch so quickly with just a few particular users? I suspect it only happens for people on broadband where they have frequently changing IPs.

    (3) Given that I have to live with integration, and the session hash is a moving target for me now, is there a simpler way to remember users? I would prefer to use the userid cookie, it seems to be set reliably according to actual login status. Yet I don't want to remember users forever. A four-hour time limit would be fine. Is this a hack or an option buried somewhere?

    Any pointers greatly appreciated. Thanks.

  • #2
    I have a similar problem, but even with myself as Admin.

    When I take to much time to make a posting, I get logged out and my posting is lost.

    Please help because this is pissing me off badly.

    Cookie timeout: 900

    Thank you.
    KCi aka Rhyze


    • #3
      No cookie is created when you login without remember me, its a session only, when the session expires so do you being logged in, is there any real reason to disable this?


      • #4
        Originally posted by Zachery
        is there any real reason to disable this?
        (smiling) Which part of the pain and suffering did you miss Zach ?

        I disabled it to get customer complaints off my support desk.

        I gather the problem then is in php session handling.
        For some reason, customers with certain kinds of connections have their sessions expire too quickly. Because their IP changes too much perhaps.
        I run php on Slackware 8.x

        In any case, one can only chase problems so far when customers are unable to remain logged in.

        A small hack solved the problem for me (so far...)

        In the best of all worlds, we could keep the vbulletin "remember me" logic in place, but have an option the in admin panel to set a time limit on the userid cookie.



        Related Topics