I suppose I could put up big fat text on the login page that says "don't forget to log out if you're on a shared PC" but it seems sort of old fashioned, ya know?

Lol, thankfully this has already been thought off ;)

conf/_advanced.php

/**
 * Expiration for cookies.
 *
 * Value in seconds, set this to 0 if you wish to use non permanent cookies (erased when browser is closed).
 *
 * @global int $cookie_expires
 */
$cookie_expires = time() + 2678400;		// 31 days

;)

¥

Half way there! I saw an older thread where someone said doing it this way made them login with every click of a tab in the back office.

$cookie_expires = time() + 0;

Setting it to only 0 instead of +0 makes it stay as long as the browser is active:

$cookie_expires = 0;

Problem is it's still all or nothing. I think I can do up a hack that puts a checkbox at login so you can say "remember me" or something like that. This way you can have the byebye version, or the year-long version.

Hacking is fun!

Lol, that'll teach me to try shit before I post :p

This isn't as simple as it seems, the value is hard coded, so, to overide it you'd need to set a cookie to tell the cookie that it can be a bigger cookie, and then you'd need to be able override that cookie (that's telling the cookie to be a biger cookie) to stop telling the cookie too be a bigger cookie if the user logs out ......... damn, that's gonna be a challenge! ...... unfortunately I'm waaaay ahead of you at failing a breath test, so it's probably going to be some time after you're snugly asleep that I'll be able to put some caffinated thought into this.

At least it gives you something to wake up to ;)

¥

Hi EdB,
Sorry, I got a tad involved with coding and didn't get chance to look/think about this today. I might get a chance later, but the chances are that life will intrude ..... followed by the night cylcle kicking in, followed by the sun suprising the hell out of me as it rises once again.

So, unless you've got huge lungs, don't start holding your breath 'til you next wake up :P

¥

No worries! I think it'd be a groovy option, but for my little project I went with the big fat text method. If I hear a bunch of complaints I'll say "all or nothing - take your pick".

Basically too many cookies flipping cookies because another cookie flipped a cookie scared me. I suppose if I was highly motivated I'd open up the code for an application that gives this option, learn all about it, then snag one bit from there and bring over here.

So much easier to just warn people DON'T FORGET TO LOG OUT IF YOU'RE ON A SHARED PC!!!

Aw heck I just remembered I put the warning on the registration complete page and login page but didn't tweak the back office to prominently display that little reality. Oh well! *I* am not going to be the one who suffers for lack of knowledge ;)

Lol, considering most users would just click "ok" to a huge warning that said "because I hate making a cookie tell a cookie that it's the wrong cookie and should be a different cookie you must remember to logout so I can tell the right cookie to stop telling the wrong cookie to be the right cookie and no longer be a cookie at all", I'll try and come up with a solution ;)

¥

Ok, two possible solutions for you

1/ fixed "remember me" time span

conf/_advanced.php

 * Expired-time used to erase cookies.
 *
 * @global int $cookie_expired
 */
$cookie_expired = time() - 86400;				// Default: 24 hours ago


/**
 * Value in seconds to remember a user who ticks the box
 */
$remember_duration = 10;

b2evocore/_functions_users.php

		global $remember_duration;

		if ( isset( $_POST['remember_me'] ) )
		{
			$remember_me = $_POST['remember_me'];
			if ( $remember_me ) $cookie_expires = time() + $remember_duration;
		}

		// Login succeeded:
		//echo $user_login, $pass_is_md5, $user_pass,  $cookie_domain;
		if( !setcookie( $cookie_user, $log, $cookie_expires, $cookie_path, $cookie_domain ) )

htsrv/_login_form.php

			<div class="input"><input type="password" name="pwd" id="pwd" size="16" maxlength="20" value="" class="large" /></div>
			<?php form_checkbox( 'remember_me', $remember_me, T_('Remember me :'), T_('Tick this to save your username and password') ); ?>

2/ Variable "remember me" time span

b2evocore/_functions_users.php

		if ( isset( $_POST['remember_me'] ) )
		{
			$remember_me = $_POST['remember_me'];
			$cookie_expires = 0;
			if ( $remember_me ) $cookie_expires = time() + $remember_me;
		}
		// Login succeeded:
		//echo $user_login, $pass_is_md5, $user_pass,  $cookie_domain;
		if( !setcookie( $cookie_user, $log, $cookie_expires, $cookie_path, $cookie_domain ) )

htsrv/_login_form.php

			<div class="input"><input type="password" name="pwd" id="pwd" size="16" maxlength="20" value="" class="large" /></div>
			<div class="label"><label for="remember_me"><?php echo T_('Remember me :') ?></label></div>
			<div class="input"><select name='remember_me'>
			<option value='0'>Session only</option>
			<option value='10'>10 seconds</option>
			<option value='20'>20 seconds</option>
			<option value='30'>30 seconds</option>
			<option value='40'>40 seconds</option>
			<option value='50'>50 seconds</option>
			<option value='60'>1 minute</option>
			</select></div>

¥

*edit*
To correct typo in code :S