[BUGFIX] sessionTimeout for BE does not work
authorMario Rimann <typo3-coding@rimann.org>
Mon, 5 Dec 2011 20:59:26 +0000 (21:59 +0100)
committerGeorg Ringer <mail@ringerge.org>
Sun, 18 Dec 2011 09:05:06 +0000 (10:05 +0100)
Changes an is_string() check to a check out of t3lib_Utility_Math
which will also accept '86400' as a valid value and not only 86400.

Change-Id: I469b532b67fc5ac523ced85616bcb869ec1e7b6d
Resolves: #32274
Releases: 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/7354
Reviewed-by: Markus Klein
Tested-by: Markus Klein
Reviewed-by: Georg Ringer
Tested-by: Georg Ringer
t3lib/class.t3lib_userauth.php

index e8256eb..8f69d5c 100644 (file)
@@ -828,10 +828,10 @@ class t3lib_userAuth {
 
                if ($statement && $user) {
                                // A user was found
-                       if (is_string($this->auth_timeout_field)) {
-                               $timeout = intval($user[$this->auth_timeout_field]); // Get timeout-time from usertable
-                       } else {
+                       if (t3lib_div::testInt($this->auth_timeout_field)) {
                                $timeout = intval($this->auth_timeout_field); // Get timeout from object
+                       } else {
+                               $timeout = intval($user[$this->auth_timeout_field]); // Get timeout-time from usertable
                        }
                                // If timeout > 0 (true) and currenttime has not exceeded the latest sessions-time plus the timeout in seconds then accept user
                                // Option later on: We could check that last update was at least x seconds ago in order not to update twice in a row if one script redirects to another...
@@ -1487,4 +1487,4 @@ if (defined('TYPO3_MODE') && isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLA
        include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_userauth.php']);
 }
 
-?>
\ No newline at end of file
+?>