You are viewing a plain text version of this content. The canonical link for it is here.

Posted to zeta-dev@incubator.apache.org by Philipp Kamps <pk...@mugo.ca> on 2011/07/21 07:26:28 UTC

[zeta-dev] svn commit: r1145100 - in /incubator/zetacomponents/trunk/Authentication: src/options/session_options.php src/session/authentication_session.php tests/session/session_test.php

Hi,

if you upgrade, it might affect you in one way: because we introduced
an idle timeout the session could expire earlier (default value is 600
sec).
The "hard" timeout is unchanged and will expire the session in any
case after 1200 seconds (default value).

Could we discuss why the code uses $_SERVER["REQUEST_TIME"] for the
current time?

And I think it should be more consistent: we use
$_SERVER["REQUEST_TIME"] to check for a timeout but we use time() to
actually set/update
the values.

Regards,
   Philipp