Jump to content

  • You cannot start a new topic
  • You cannot reply to this topic

Increase Login Session Time For Users/customers Rate Topic   - - - - -

 
  • alijaved
  • Advanced Member
  • Members
  • Join Date: 14-Apr 18
  • 124 posts

Posted 21 August 2018 - 04:34 PM #1

Dear members,

 

I want to increase the session time for users/admins to infinite or until they log out themselves. I do not want the users to log out automatically after 2 hours.

 

I know there are some changes required in config.pho file, can someone please drop me a line of code that I have to put there? 

 

Please drop me a full line of code that I can replace with 2 hours of session time, I need an infinite login session for customers and admin panel. I never want them to log out until they log out themselves.

 

 

My Cs-Cart version is 4.7.2



 
  • The Tool
  • Been Here Way Too Long Member
  • Members
  • Join Date: 30-Mar 07
  • 3921 posts

Posted 21 August 2018 - 05:44 PM #2

// Session live time
define('SESSION_ALIVE_TIME', SECONDS_IN_HOUR * 2); // 2 hours


 
  • eComLabs
  • CS-Cart Expert
  • Authorized Reseller
  • Join Date: 27-Jan 14
  • 20945 posts

Posted 22 August 2018 - 05:46 AM #3

In the config.php file which is located in the root directory of CS-Cart installation


GET A FREE QUOTE | CS-Cart Add-ons | CS-Cart Licenses | CS-Cart Development | CS-Cart Design | Server Configuration | UniTheme and YOUPI
CS-Cart                USD 345     Multi-Vendor              USD 1250    Multi-Vendor PLUS           USD 3100 (2775)
CS-Cart Ultimate  USD 775     CS-Cart + YOUPI      USD 545      Multi-Vendor Ultimate       USD 7500 (6000)

 
  • Ginestra
  • Newbie
  • Members
  • Join Date: 06-Jul 11
  • 6 posts

Posted 22 August 2018 - 02:27 PM #4

On this, do many of you bother to change this? Any good reason why non-logged in is what seems to me to be very low (2 hours)?



 
  • tbirnseth
  • CS Cart Expert
  • Authorized Reseller
  • Join Date: 08-Nov 08
  • 11770 posts

Posted 22 August 2018 - 05:53 PM #5

It's effectively an idle time and is used for security purposes.  I.e. if you're away from your desk for more than 2 hrs, then the session becomes inactive until you re-login.  

 

2hrs seems a reasonable amount of time to expect interaction with your site before effectively logging you out.


EZ Merchant Solutions: Custom (USA based) B2B Development, Consulting, Development and Special Projects (get a quote here).
Commercial addons, payment methods and modifications to meet your business and operations needs.


 
  • alijaved
  • Advanced Member
  • Members
  • Join Date: 14-Apr 18
  • 124 posts

Posted 23 August 2018 - 08:49 AM #6

// Session live time
define('SESSION_ALIVE_TIME', SECONDS_IN_HOUR * 2); // 2 hours

 

 

For infinite, can I make it as following, for 1 year? 


 

// Session live time
define('SESSION_ALIVE_TIME', SECONDS_IN_HOUR * 8760); // 8760 hours in 1 year


 
  • eComLabs
  • CS-Cart Expert
  • Authorized Reseller
  • Join Date: 27-Jan 14
  • 20945 posts

Posted 23 August 2018 - 01:20 PM #7

Yes, you can if you do not worry about security aspects


GET A FREE QUOTE | CS-Cart Add-ons | CS-Cart Licenses | CS-Cart Development | CS-Cart Design | Server Configuration | UniTheme and YOUPI
CS-Cart                USD 345     Multi-Vendor              USD 1250    Multi-Vendor PLUS           USD 3100 (2775)
CS-Cart Ultimate  USD 775     CS-Cart + YOUPI      USD 545      Multi-Vendor Ultimate       USD 7500 (6000)

 
  • alijaved
  • Advanced Member
  • Members
  • Join Date: 14-Apr 18
  • 124 posts

Posted 26 August 2018 - 10:07 AM #8

Thanks guys it worked great :-)



 
  • alaa
  • Senior Member
  • Members
  • Join Date: 18-Mar 18
  • 181 posts

Posted 11 January 2020 - 08:04 AM #9

Yes, you can if you do not worry about security aspects

 

I did make it for one year on my server. However, this has slower down my website dramatically. The Database is getting larger day by day. 

 

Is there any thing else I can do to extend authenticated users' logged-in state while not affecting the server? 



 
  • eComLabs
  • CS-Cart Expert
  • Authorized Reseller
  • Join Date: 27-Jan 14
  • 20945 posts

Posted 13 January 2020 - 05:50 AM #10

Did you examine which tables have biggest size?


GET A FREE QUOTE | CS-Cart Add-ons | CS-Cart Licenses | CS-Cart Development | CS-Cart Design | Server Configuration | UniTheme and YOUPI
CS-Cart                USD 345     Multi-Vendor              USD 1250    Multi-Vendor PLUS           USD 3100 (2775)
CS-Cart Ultimate  USD 775     CS-Cart + YOUPI      USD 545      Multi-Vendor Ultimate       USD 7500 (6000)

 
  • alaa
  • Senior Member
  • Members
  • Join Date: 18-Mar 18
  • 181 posts

Posted 13 January 2020 - 05:54 AM #11

Did you examine which tables have biggest size?

 

I found out that cscart_sessions table has huge data (almost 90% of the total database data). 



 
  • eComLabs
  • CS-Cart Expert
  • Authorized Reseller
  • Join Date: 27-Jan 14
  • 20945 posts

Posted 13 January 2020 - 06:14 AM #12

Looks like 1 year is too much for CS-Cart. Try to use lower  value. CS-Cart will delete outdated sessions


GET A FREE QUOTE | CS-Cart Add-ons | CS-Cart Licenses | CS-Cart Development | CS-Cart Design | Server Configuration | UniTheme and YOUPI
CS-Cart                USD 345     Multi-Vendor              USD 1250    Multi-Vendor PLUS           USD 3100 (2775)
CS-Cart Ultimate  USD 775     CS-Cart + YOUPI      USD 545      Multi-Vendor Ultimate       USD 7500 (6000)

 
  • alaa
  • Senior Member
  • Members
  • Join Date: 18-Mar 18
  • 181 posts

Posted 13 January 2020 - 06:26 AM #13

Looks like 1 year is too much for CS-Cart. Try to use lower  value. CS-Cart will delete outdated sessions

Thank you eComLabs for your reply. 

 

I have a question, please. What I want to achieve is to extend the logged-in status of the authinticated users. 

 

I understand that we have two tables: 

 

cscart_sessions which stores sessions for unauthinticated users. 

cscart_stored_sessions for storing sessions for logged-in users.

 

I kept session_alive_time parameter in config.php as is (2 hours) because it affects users who are not logged-in. 

I set sessions_storage_alive_time in config.php to 1-year as it stores data for logged-in users. 

 

However, this doesn't work. Still logged-in users are getting logged-out after two hours!

Is my understanding correct? 

 

Thank you again. 



 
  • tbirnseth
  • CS Cart Expert
  • Authorized Reseller
  • Join Date: 08-Nov 08
  • 11770 posts

Posted 13 January 2020 - 07:35 PM #14

SESSIONS_STORAGE_ALIVE_TIME only affects data (like products in cart) and how long they are retained.  It will NOT affect how long a user can be idle during their login.

 

I'd suggest you be more pragmatic in how long you allow a user's session to remain active while idle.  There are several security concerns as well as general usage patterns.  Right now its 2 hrs. You might consider upping it to 24.  But not sure I'd go beyond this give the amount of session data that is stored per logged in user.  Setting it to 1 year effectively says "never see data as stale" which which is unrealistic.

 

Otherwise, beef up your database server to a SAN and implement a caching server to cache recently accessed data.  I.e. put your DB on a separate server designed for dealing with large database tables and caching.


EZ Merchant Solutions: Custom (USA based) B2B Development, Consulting, Development and Special Projects (get a quote here).
Commercial addons, payment methods and modifications to meet your business and operations needs.


 
  • beta
  • Advanced Member
  • Trial users
  • Join Date: 18-Oct 11
  • 51 posts

Posted 21 July 2020 - 06:53 AM #15

hi,

Latest cs-cart change the session time configuration from config.php to tygh/session.php, but

    protected static $ttl = (AREA === 'C') ? SESSIONS_STORAGE_ALIVE_TIME : SESSION_ALIVE_TIME; // Edited By Beta

not affect and not Work "AREA"!

how increase session alive time in customers area?



 
  • The Tool
  • Been Here Way Too Long Member
  • Members
  • Join Date: 30-Mar 07
  • 3921 posts

Posted 21 July 2020 - 12:22 PM #16

It's still defined in /config.php

// Session live time
define('SESSION_ALIVE_TIME', SECONDS_IN_HOUR * 2); // 2 hours