The other way to keep session timeout by keep session_register for login_id, login_group_id every reload page by make litle chang to function tep_admin_check_login()
function tep_admin_check_login() {
?global $PHP_SELF, $login_id, $login_groups_id, $login_first_name;
?if (!tep_session_is_registered('login_id')) {
? ?tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
?} else {
? ?tep_session_register('login_id');
? ?tep_session_register('login_groups_id');
? ?tep_session_register('login_first_name');
? ?$filename = basename( $PHP_SELF );
? ?if ($filename != FILENAME_DEFAULT && $filename != FILENAME_FORBIDEN && $filename != FILENAME_LOGOFF && $filename != FILENAME_ADMIN_ACCOUNT && $filename != FILENAME_POPUP_IMAGE && $filename != 'packingslip.php' && $filename != 'invoice.php') {
? ? ?$db_file_query = tep_db_query("select admin_files_name from " . TABLE_ADMIN_FILES . " where FIND_IN_SET( '" . $login_groups_id . "', admin_groups_id) and admin_files_name = '" . $filename . "'");
? ? ?if (!tep_db_num_rows($db_file_query)) {
? ? ? ?tep_redirect(tep_href_link(FILENAME_FORBIDEN));
? ? ?}
? ?}
?} ?
}
<{POST_SNAPBACK}>
No changes on "timeout" with this code or the old one.
It is frustrating working on my admin site and being thrown out every 24 minutes.
Any other suggestions??