I don't recall there ever being a working setting. But I think there should be. I've had to manually hack my code in order to get sessions to last longer.

There is a 'Session expiry-time' config option which is set to an hour by default. Not sure why I keep getting logged out after 5 mins if this is being applied (I recall that 5 mins is the value before a user is considered to have gone offline/inactive).

Pretty sure I saw session length under usergroup settings at one point (maybe ocPortal), if not then I must be losing my mind (again).

Is it possible someone is resetting MySQL?

You're right KingBlast... I was thinking of ocPortal 9 when I had to hack the code... Composr has the session_expiry_time setting.

set_session_id in users_inactive_occasionals.php sets the time expiry of a cookie via.

$timeout = $guest_session ? (time() + intval(60.0 * 60.0 * max(0.017, floatval(get_option('session_expiry_time'))))) : null;

If $guest_session, then no timeout. Otherwise, set a time out of whichever is greater... 0.017 hours (aka. 61.2 seconds) or the value of session_expiry_time .

So yes, it shouldn't be timing out. I just had a lie down and 30 minutes later my session is still alive.

I mentioned MySQL because we use what is called a 'MEMORY' (aka 'HEAP') table in MySQL for cms_sessions. This is a memory-only resident table. If MySQL is reset, sessions get lost.

Oh and if you close and reopen your browser, that would make the session get lost also.

I tested using 2 browsers in parallel and it worked too. Upon opening second browser I had to confirm the session, then it resumed the same session ID as the browser I already had logged in with. Both remaining with a confirmed sessions.

If you want to try something, you can try editing the cms_sessions table to be MyISAM, see if it makes a difference.

Changed from MEMORY to MyISAM and that seems to have done the trick. Not sure how or why :)

Ok I'll add it to the FAQ.