Index: .htaccess =================================================================== RCS file: /cvs/drupal/drupal/.htaccess,v retrieving revision 1.60 diff -u -r1.60 .htaccess --- .htaccess 28 Jan 2005 16:30:37 -0000 1.60 +++ .htaccess 13 Feb 2005 19:58:53 -0000 @@ -32,11 +32,15 @@ php_value arg_separator.output "&" php_value session.cache_expire 200000 php_value session.gc_maxlifetime 200000 - php_value session.cookie_lifetime 2000000 php_value session.auto_start 0 php_value session.save_handler user php_value session.cache_limiter none php_value allow_call_time_pass_reference On + php_flag session.use_trans_sid off + php_flag session.use_cookies on + php_flag session.use_only_cookies on + # This is now set in session.inc, and can be overridden in settings.php + # php_value session.cookie_lifetime 2000000 # Various rewrite rules Index: includes/session.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/session.inc,v retrieving revision 1.11 diff -u -r1.11 session.inc --- includes/session.inc 10 Jan 2005 19:36:21 -0000 1.11 +++ includes/session.inc 13 Feb 2005 19:58:54 -0000 @@ -7,6 +7,30 @@ */ session_set_save_handler("sess_open", "sess_close", "sess_read", "sess_write", "sess_destroy", "sess_gc"); + +/** + * In order to not require users to enter their passwords everytime they visit the + * site, we set the session cookie lifetime to the number of seconds to keep the + * session for. The default of 30 days. + * + * This default can be overridden by putting the following in the settings.php file, + * using the $conf variable: + * + * 'session_cookie_lifetime' => 2592000, + * + * The sysadmin can set it to any value, here are the most likely ones a sysadmin would use + * 0 : sessions are not presistent. User logs in every time they visit the site + * 86400 : 1 day + * 172800 : 2 days + * 604800 : 1 week + * 1209600 : 2 weeks + * 2592000 : 1 month + * 7776000 : 3 months + * 15552000 : 6 months + * + */ +ini_set("session.cookie_lifetime", variable_get('session_cookie_lifetime', 2592000)); + session_start(); /*** Session functions *****************************************************/