|
Joined: Oct 2006
Posts: 358
enthusiast
|
enthusiast
Joined: Oct 2006
Posts: 358 |
Since we upgraded to 7.5.8 some of my users are complaining that their cookies don't seem to be working consistently.... Specifically, they need to log in every 3 or 4 days when previously they could go for 4 or 5 weeks without logging in. Some of them have tested and rebooting doesn't seem to affect it. Also, it seems to be happening with all browsers and all versions of Windows... Is there something that might be expiring the cookies sooner? Or any other ideas? Thanks!!
--BIll B
|
|
|
|
Joined: Jun 2006
Posts: 16,348 Likes: 124
|
Joined: Jun 2006
Posts: 16,348 Likes: 124 |
It's due to the IE issue where a largely fictitious date would not be valid; as a "fix" the cookie date is set as 7 days (ie the cookie will be invalid after this date). Myself I think a month would have been a better value.
You can change this, but it wouldn't be supported and you'd have to edit coding to be a different value.
|
|
|
|
Joined: Oct 2006
Posts: 358
enthusiast
|
enthusiast
Joined: Oct 2006
Posts: 358 |
Okay.. I "almost" understood that.... and it did trigger my memory...
I vaguely remember it as a new IE "feature". I even asked some of the guys to try other browsers and they responded that it occurs with them too. But that can't be correct -- Right?
Also, previously I did zero in on the reset cycle.... while nobody fessed up to being that attentive, based upon their emails to me, I did detect that it was occurring about once a week to the guys.
What did you mean about the largely fictitious date? Did you mean one that was set for 5 years - for example?
And then, "Who's fix" are you referring to? Microsoft or UBB?
Did we go from "Never Expire" to "Expire in 7 days"??
--BIll B
|
|
|
|
Joined: Jun 2006
Posts: 16,348 Likes: 124
|
Joined: Jun 2006
Posts: 16,348 Likes: 124 |
Yes, IE does not like a far off date as the cookie expire time.
The "fix" was to set the ubb cookie to expire after 7 days; why 7 days was chosen over say 30 days is beyond me.
|
|
|
|
Joined: Jan 2004
Posts: 2,474 Likes: 3
Pooh-Bah
|
Pooh-Bah
Joined: Jan 2004
Posts: 2,474 Likes: 3 |
So what's the optimal cookie time setting for 7.5.7?
|
|
|
|
Joined: Jun 2006
Posts: 16,348 Likes: 124
|
Joined: Jun 2006
Posts: 16,348 Likes: 124 |
Personally a month seems like a good number; anything shorter and you end up with emails about users "getting 'kicked off' the forums" (I get several a month too; i have to explain that they just need to login, then again i have to do it repeatedly lol).
|
|
|
|
Joined: Jan 2004
Posts: 2,474 Likes: 3
Pooh-Bah
|
Pooh-Bah
Joined: Jan 2004
Posts: 2,474 Likes: 3 |
A very high percentage of my users have to use IE variants. Do other forum products suffer in the same way, I wonder?
|
|
|
|
Joined: Jun 2006
Posts: 16,348 Likes: 124
|
Joined: Jun 2006
Posts: 16,348 Likes: 124 |
A very high percentage of my users have to use IE variants. Do other forum products suffer in the same way, I wonder? Well, their cookie length was a lot shorter than what we where using (who needs to be logged in a full year?)
|
|
|
|
Joined: Oct 2006
Posts: 358
enthusiast
|
enthusiast
Joined: Oct 2006
Posts: 358 |
If I use this Freeware and reset the EXPIRES date to a month, shouldn't that fix the problem for a single person? http://www.nirsoft.net/utils/iecookies.html
--BIll B
|
|
|
|
Joined: Jun 2006
Posts: 28
newbie
|
newbie
Joined: Jun 2006
Posts: 28 |
It's due to the IE issue where a largely fictitious date would not be valid; as a "fix" the cookie date is set as 7 days (ie the cookie will be invalid after this date). Myself I think a month would have been a better value.
You can change this, but it wouldn't be supported and you'd have to edit coding to be a different value. Not sure what you are referring to here about 7. I checked the code, and the cookie is set as time() + COOKIE_LIFETIME, which is set in config.inc.php. It is set by default to a very large number. Some of my IE users have been having issues too. Should I change the value of COOKIE_LIFETIME? And if so, what its the greatest possible value that will keep IE happy?
|
|
|
|
Joined: Jun 2006
Posts: 28
newbie
|
newbie
Joined: Jun 2006
Posts: 28 |
I traced through the code and it does override COOKIE_LIFETIME to a max of 7 days. Wow. There's no way such a low value makes sense. People don't want to be logging in every 7 days. And having it stealthily override COOKIE_LIFETIME is going to cause a lot of confusion in the future. ex: "But my cookie lifetime says 25353226226. Why is it expiring in 7 days?"
Does anyone know precisely what bug/problem this change was made to fix, and why 7 is the maximum? I would be very surprised if Internet Explorer allows a maximum of 7 day cookies. That just doesn't make any sense.
And if there is some set limit, wouldn't it make sense to override COOKIE_LIFETIME only for IE?
Last edited by Snarf; 01/15/2014 2:08 PM.
|
|
|
|
Joined: Jun 2006
Posts: 16,348 Likes: 124
|
Joined: Jun 2006
Posts: 16,348 Likes: 124 |
The bug was the IE login issue; I believe a fix of 30 days would have been sufficient, I have no idea why 7 days was enforced as a maximum...
|
|
|
|
Joined: Jun 2006
Posts: 28
newbie
|
newbie
Joined: Jun 2006
Posts: 28 |
I've changed ours to 70 days. Don't see why 7 would work but 30 or 70 or 100 wouldn't. Can't find any web articles mentioning a 7 day limit on IE.
Or might as well set it to "0" if you want then never to expire. Surely that would work under IE.
Last edited by Snarf; 01/15/2014 4:59 PM.
|
|
|
|
Joined: Oct 2006
Posts: 358
enthusiast
|
enthusiast
Joined: Oct 2006
Posts: 358 |
Can you give me a hint WHERE I go to mess with the time limit?
--BIll B
|
|
|
|
Joined: Jun 2006
Posts: 28
newbie
|
newbie
Joined: Jun 2006
Posts: 28 |
From the changelog:
Default cookie expiration is now 1 week (7 days) versus 1 year (365 days; changebasic.inc.php, html.inc.php, admin/loginas.php)
|
|
|
|
Joined: Apr 2004
Posts: 1,970 Likes: 154
|
Joined: Apr 2004
Posts: 1,970 Likes: 154 |
Can you give me a hint WHERE I go to mess with the time limit? in \libs\html.inc.php find:
if (!isset($config['COOKIE_LIFETIME'])) $config['COOKIE_LIFETIME'] = 604800;
if ($config['COOKIE_LIFETIME'] > 604800) $config['COOKIE_LIFETIME'] = 604800;
replace with:
if (!isset($config['COOKIE_LIFETIME'])) $config['COOKIE_LIFETIME'] = 604800;
if ($config['COOKIE_LIFETIME'] > 2592000) $config['COOKIE_LIFETIME'] = 2592000;
86400 = 24hrs 604800 = 7 days (Default for UBBT 7.5.8) 2592000 = 30 days (What Gizmo and I both recommend) 31536000 = 365 days (Default for UBBT 7.5.7 and prior) Then, go to: Control Panel > Primary Settings > Advanced Options Edit "Cookie Expiration Time:" to whatever you want, but the max will be no more than what you've just modified html.inc.php to be.
Last edited by id242; 01/17/2014 2:27 PM.
|
|
|
|
Joined: Oct 2006
Posts: 358
enthusiast
|
enthusiast
Joined: Oct 2006
Posts: 358 |
Fantastic....
Okay, I followed the instructions -- but I changed the Cookie Expirations to 30 days in ALL THREE files. /forum/scripts/changebasic.inc.php /forum/libs/html.inc.php /forum/admin/loginas.php
Now, let the 1 million monkeys begin typing!!! :-)
PS. Thanks id242 Your instructions were perfect.
--BIll B
|
|
|
|
Joined: Dec 2003
Posts: 6,620 Likes: 84
|
Joined: Dec 2003
Posts: 6,620 Likes: 84 |
Kinda makes you wonder why we even have a option in the control panel if it is hardcoded to set it to a max 7 days no matter what you enter.
Blue Man Group There is no such thing as stupid questions. Just stupid answers
|
|
|
|
Joined: Apr 2004
Posts: 1,970 Likes: 154
|
Joined: Apr 2004
Posts: 1,970 Likes: 154 |
Hard-coded as a cookie expiration MAXIMUM. You can still adjust it to 15 minutes, 1 hour, 1 day, or whatever. As long as you know the maximum cookie expiration time allowed is 1 week I'm registered with a few sites that have it set to 20 minutes. Very annoying when you're trying to contribute a long post, one that requires research, and you are told that you're not logged in when you go to hit that "Submit" button. I'm also registered with a few sites that allow you to change the cookie expiration time in your profile settings from "1 hour" / "1 day" / "1 week" / "30 days"... letting the user choose whats best for them. The board default setting is whatever the admin choose in the control panel -- similar to how we currently have a posts-per-page default that can be modified in each user's profile page.
|
|
|
|
Joined: Dec 2003
Posts: 6,620 Likes: 84
|
Joined: Dec 2003
Posts: 6,620 Likes: 84 |
I think I did say max.
But there is no notation that if you set it to null sec. it will be 7 days. If you set it to 31536000 it will again default to a max of 7 days. Only if you use a value between 0-604800 will it allow it to be 7 days or less. Of course. a value of say 0-1 would probably render the site useless unless they allow guests to post.
But bottom line is if I elect 31536000 and submit, the control panel still displays 31536000 and 31536000 is saved in config.ini.php. but is hardcoded to limit the duration to 604800(7days). Leading users to think they have in fact changed the cookie duration to 365 days where it really did not happen.
Blue Man Group There is no such thing as stupid questions. Just stupid answers
|
|
|
4 members (Gizmo, Baldeagle, Conrad, 1 invisible),
254
guests, and
102
robots. |
Key:
Admin,
Global Mod,
Mod
|
|
|
|