> On 2/4/08, ISP Lists <isp@xxxxxxxxxx> wrote:
>> System: LAMP.
>> Mysql 5.0.38-Ubuntu_0ubuntu1.2-log Ubuntu 7.04 distribution
>> php PHP 5.2.1 (cli) (built: Nov 28 2007 23:14:55)
>> apache2 Server version: Apache/2.2.3
>> Server built: Aug 16 2007 22:49:04
>> Architecture: 32-bit
>> squirrelmail-1.4.13
>> courier imap 4.1.3
>> courier authlib 0.59.3
>> vpopmail 5.4.17
>>
>> This is a new system and users have been migrated. All functionality
>> working, squirrel seems quite happy.
>>
>> HOWEVER, big difference from prior system and this is that cookie
>> expiration seems much more aggressive, even though I'm leaving browser
>> sessions (Firefox tabs) open with folder list refresh set at 2 minutes.
>>
>> I used to be able to leave the folders refreshing overnight and the
>> sessions would be valid in the morning with a list of new messages handy
>> (please, no lectures on the wisdom of doing this...). Now, with the new
>> build, the cookies appear to be expiring more aggressively and sessions
>> time out even under frequent refresh.
>>
>> Soooooo..... what controls squirrel's cookie
>> timeout/duration/expiration?
>
> PHP cleans up unused sessions after session.gc_maxlifetime seconds
> (see your php.ini). SM tells the browser the the "key" cookie should
> expire when the user session is finito (browser closes, computer
> crashes, fire burns down house).
>
>> I've parsed global.php and other source files and cannot find a
>> time/expiration value set by squirrelmail.
>
> grep -rin setcookie src/ functions/ | grep -v \.svn
>
>> The php.ini is using "session.cookie_lifetime = 0" (same as prior
>> system,
>> old system was php4.x)
>
> You also need to look at your session lifetime (see above).
>
>> Why the difference? What to do/check???
>> (some of this might be attributed to being on dynamic IP for DSL, but
>> I'm
>> certain that there's something different between the old and new
>> system.)
>>
>
Bottom posting... sorry, too much new code...:
I compared the grep output and it seems that there is an important
difference in the calls to setcookie between my systems within the default
code of squirrelmail.
First, both php.ini use "session.gc_maxlifetime = 1440", so there's no
difference there, but thanks for the steer on that!
OLD squirrelmail 1.4.10a install (unedited)
"grep -rin setcookie src/ functions/ | grep -v \.svn"
src/redirect.php:64:setcookie('squirrelmail_language',
$squirrelmail_language, time()+2592000,
src/redirect.php:99: setcookie('key', $key, 0, $base_uri);
src/webmail.php:74: setcookie('squirrelmail_language', $my_language,
time()+2592000, $base_uri);
functions/global.php:366: *
http://www.php.net/manual/en/function.setcookie.php
functions/global.php:377: if (isset($_COOKIE[session_name()]))
setcookie(session_name(), '', 0, $base_uri);
functions/global.php:378: if (isset($_COOKIE['username']))
setcookie('username', '', 0, $base_uri);
functions/global.php:379: if (isset($_COOKIE['key'])) setcookie('key',
'', 0, $base_uri);
NEW squirrelmail 1.4.13 install (unedited)
"grep -rin setcookie src/ functions/ | grep -v \.svn"
src/redirect.php:62:setcookie('squirrelmail_language',
$squirrelmail_language, time()+2592000,
src/redirect.php:97: setcookie('key', $key, 0, $base_uri);
src/webmail.php:70: setcookie('squirrelmail_language', $my_language,
time()+2592000, $base_uri);
functions/global.php:338: *
http://www.php.net/manual/en/function.setcookie.php
functions/global.php:349: if (isset($_COOKIE[session_name()]))
setcookie(session_name(), $_COOKIE[session_name()], 1, $base_uri);
functions/global.php:350: if (isset($_COOKIE['key'])) setcookie('key',
'SQMTRASH', 1, $base_uri);
The DIFFERENCE I see is that the two calls in new global.php use is the
third parameter of "1" which is seconds to expire the cookie?! This is
versus "0" in the prior version setting the cookie to expire on browser
close.
Curious on your thoughts how a value of "1" can function correctly?
Nobody seems to be up in arms so probably not a big deal...
Just for snicks I checked my crontabs (and crontab includes)...
AHA! Found that Ubuntu 7.04 ships with /etc/cron.d/php5 which reads:
# /etc/cron.d/php5: crontab fragment for php5
# This purges session files older than X, where X is defined in seconds
# as the largest value of session.gc_maxlifetime from all your php.ini
# files, or 24 minutes if not defined. See /usr/lib/php5/maxlifetime
# Look for and purge old sessions every 30 minutes
09,39 * * * * root [ -d /var/lib/php5 ] && find /var/lib/php5/
-type f -cmin +$(/usr/lib/php5/maxlifetime) -print0
| xargs -r -0 rm
my output value for /usr/lib/php5/maxlifetime is "24"
Hmmmm, that's not consistent with my sessions lasting most of the day
while I'm using squirrelmail, but expiring overnight, even with a fresh
login.
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
-----
squirrelmail-users mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx
List archives: http://news.gmane.org/gmane.mail.squirrelmail.user
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
