Vanilla 1 is no longer supported or maintained. If you need a copy, you can get it here.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Sessions timing out too soon

I'm running a standard Vanilla install,, and something I'm running into is that if I wait too long to do anything, I get logged out. This kinda sucks as I tend to use post boxes as notepads and don't submit until I'm done. And I tend to get distracted by work. When I come back, it errors it can't find the discussion (cause the catagory is restricted) and I'm no longer logged in.

Any thoughts? Questions?


  • session lengths are a server configuration thing. Is there any reason you're not using 'remember me' and cookies?
  • What is the exact effect of 'remeber me'? Just to avoid the session timeout? Or something more?
  • MarkMark Vanilla Staff
    Remember me creates a cookie. If your session times out, Vanilla will use the cookie to re-authenticate you and keep you signed in.
  • Maybe I'm forgetting to hit Remember me. I'll try it some more. Maybe I screwed something up. :D
  • Hi all. I'm new to Vanilla and to this forum. I have the same 'problem' Burke Prefect talks about. I think this can confuse users as other forums, webmails, etc don't require to select 'Remember me' to keep logged. Appart from that, many users can't use that option because they are on shared machines at work, cybercafe, school... This is just my opinion but if you say it's a server thing I'll try to deal with it. Any comments on this issue are appreciated. Thank you all.
  • edited October 2006
    Even on a shared computer you can use the remember me option. You just need to logout to disable it (what you have to do anyway).
  • Oh, sure. But the problem is you can easily forget to logout on a shared machine and just close the browser window.
  • what do i need to do to extend the session length? edit "session.gc_maxlifetime " in php.ini? (seems to have no effect) i want the users name to apear a longer lapse of time in the "who's online " panel.
  • The whos online panel does not work on the base of sessions, it just checks who's been signed in in the last 5 minutes...
  • DATE_SUB(NOW(), INTERVAL 5 MINUTE yess , sorry i was stupid i shoud have looked it up there ..
  • I've had quite a few users lose their lengthy responses because of this. They don't know that they have to tick the remember me box in order to stay logged in for longer than a few minutes. Is there a way to default "remember me" to yes? If the previous post by Keith contains the answer could someone tell me how/where to do this. Thanks, Peter
  • It's somewhere else--edit your themes\people_signin_form_nopostback.php file, find the GetDynamicCheckBox line and change about in the middle of that line, the zero to a one, like this:ForceIncomingBool('RememberMe', 1)
  • Thanks WallPhone, that works well.
  • WallPhone's trick worked but still, how long is the session length? I was still logged out after a certain amount of time. Is it possible to have the user signed in forever, until he/she signs out himself?
  • On my forum I have it set to remember me but it still logs me out every coupla weeks.
  • It was just a day or so for me, which is why it bothers me so.
  • The 'remember me' cookies should expire after 30 days... Its hard coded, but should renew if you sign out and back in.
This discussion has been closed.