[BUGFIX] sessionTimeout for BE does not work
authorMario Rimann <typo3-coding@rimann.org>
Mon, 5 Dec 2011 20:59:26 +0000 (21:59 +0100)
committerGeorg Ringer <mail@ringerge.org>
Sat, 17 Dec 2011 16:51:43 +0000 (17:51 +0100)
Changes an is_string() check to a check out of t3lib_Utility_Math
which will also accept '86400' as a valid value and not only 86400.

Change-Id: I5a8bfe4b1015d9a6195a9831272bd7e5518110dc
Resolves: #32274
Releases: 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/7079
Reviewed-by: Markus Klein
Reviewed-by: Simon Schaufelberger
Tested-by: Simon Schaufelberger
Reviewed-by: Michael Stucki
Reviewed-by: Oliver Klee
Tested-by: Markus Klein
Reviewed-by: Georg Ringer
Tested-by: Georg Ringer
t3lib/class.t3lib_userauth.php

index 7028aea..2b89e96 100644 (file)
@@ -770,10 +770,10 @@ abstract class t3lib_userAuth {
 
                if ($statement && $user) {
                                // A user was found
-                       if (is_string($this->auth_timeout_field)) {
-                               $timeout = intval($user[$this->auth_timeout_field]); // Get timeout-time from usertable
-                       } else {
+                       if (t3lib_Utility_Math::canBeInterpretedAsInteger($this->auth_timeout_field)) {
                                $timeout = intval($this->auth_timeout_field); // Get timeout from object
+                       } else {
+                               $timeout = intval($user[$this->auth_timeout_field]); // Get timeout-time from usertable
                        }
                                // If timeout > 0 (TRUE) and currenttime has not exceeded the latest sessions-time plus the timeout in seconds then accept user
                                // Option later on: We could check that last update was at least x seconds ago in order not to update twice in a row if one script redirects to another...