>> Is there a way to force users to log on again after a specified time, >> so that their access rights are not left forever (?) on a shared PC if >> they do not logout ?
> Are you using authuser, or do you simply want the browser to forget > passwords, or what? > PHP's default configuration will automatically log someone out after > 24 minutes of inactivity. This can be adjusted using the > session.cookie_lifetime configuration option in PHP: > # automatically log browser out after 15 minutes of inactivity > ini_set('session.cookie_lifetime', time() + 15 * 60); Thanks a lot. I am using AuthUser. On the server I tested (Windows 2003, Apache) ini_get('session.cookie_lifetime') returns nothing. But when I set the variable with ini_set('session.cookie_lifetime', 12345), then it returns 12345. In php.ini, it is set to 43200. As ini_get('session.cookie_lifetime') returns initially nothing, wouldn't it be safer to include in the (farm)config.php) ini_set('session.cookie_lifetime', time() +timeout); ? Christophe _______________________________________________ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users