Does anyone know (alex...) how to make sure that Mambo and Amember timeout the sessions at the same time (so that one isn't still logged into either amember or mambo, but not the other). What settings (cookie duration, etc) control this behaviour? Thank you for any help and explanation regarding this matter. -John
It is only possible to change mambo/configuration.php and change session expiration time from 60/900 to bigger value, something like 90000. I don't see other ways to make it working.
I'll give it a try and post my results I'm going to set the Mambo cookie duration for 30 days. This should definately cause Amember to timeout before Mambo (I think). btw where is the cookie duration set in Amember? Specifically, where will this setting have an effect with the Mambo plugin? Thanks Alex, hopefully this post will be useful to others using the Mambo Plugin. -John
Set to 48 hours. aMember set this to 0, which means "until client browser is closed". It is why this problem is only serious for site owners, and almost never affects site members
... In common.inc.php PHP: function amember_setcookie($k, $v){ $tm = 0; $d = $_SERVER['HTTP_HOST']; if (preg_match('/([^\.]+)\.(org|com|net|biz|info)/', $d, $regs)) setcookie($k,$v,$tm,"/",".{$regs[1]}.{$regs[2]}"); else setcookie($k,$v,$tm,"/"); } Will changing $tm to the same value in mambo work for the session synchronization?
I want to add that it seems Amember is not deleting sessions properly. Occasionaly even after I've closed my browser (and made sure it was closed by checking system processes) I would go back to the site and amember would tell me I'm still logged in. The problem this causes is that I'm logged out in mambo and can't login because amember thinks I am. Also, I even clicked on the logout link, which uses amember's logout function, and even that was having troubles logging me out, it wouldn't work at times. I have a friend who's tried it on both browsers IE and firefox and said he only has the problem with firefox.. I just tested it on firefox.
If you are still logged into aMember, then you most likely did not close ALL browser windows. There is a real problem with session expiring in Mambo, we can only suggest to implement session time setting in mambo/config.php file to bigger value, lets say "900".
... hmm, strange problem, but doesn't happen anymore.. Hey Alex, I got another problem and I think this may be a bug/miss on the mambo.inc.php file. I think sessions aren't destroyed properly because when I log in to amember/mambo using the amember component and OCCASIONALLY $my->id is not set so Mambo thinks I'm not logged when while amember does (because amember sessions are probably set, but $my is not)
... Btw, I found that that problem happened to me because I was an expired user. I need users to still get links to their account (through the amember module), but since it thinks I'm not logged into mambo I still get the login form, even though I am alraedy logged in.
This post: http://forum.joomla.org/index.php/topic,9318.msg64664.html#msg64664 and this post: http://forum.mamboserver.com/showthread.php?postid=200325&highlight=expire session#post200325 shows you how to fix the session/browser close-out issue for Mambo/Joomla. With that being said/corrected, where can people set the aMember session time for synchronization with Mambo/Joomla (that is established by "mambo/configuration.php")? Is aMember's session expiration set by the $tm value in this section of code (in common.inc.php) or is there more to it than that? PHP: function amember_setcookie($k, $v){ $tm = 0; $d = $_SERVER['HTTP_HOST']; if (preg_match('/([^\.]+)\.(org|com|net|biz|info)/', $d, $regs)) setcookie($k,$v,$tm,"/",".{$regs[1]}.{$regs[2]}"); else setcookie($k,$v,$tm,"/"); }
No, aMember session expiration is set by global PHP configuration value: session.cookie_lifetime. By default it is "0" - means "until all browser windows closed".