diff --git a/include/class.auth.php b/include/class.auth.php index a7dbfecbdcb294451544c0716623f07fb1f0f086..a4f32d86bfc3ed88e9fd100a2309cbd58a172a41 100644 --- a/include/class.auth.php +++ b/include/class.auth.php @@ -315,7 +315,7 @@ abstract class StaffAuthenticationBackend extends AuthenticationBackend { $authsession['key'] = $authkey; $staff->setAuthKey($authkey); - $staff->refreshSession(); //set the hash. + $staff->refreshSession(true); //set the hash. $_SESSION['TZ_OFFSET'] = $staff->getTZoffset(); $_SESSION['TZ_DST'] = $staff->observeDaylight(); @@ -439,7 +439,7 @@ abstract class UserAuthenticationBackend extends AuthenticationBackend { // XXX: encrypt to hide the bk?? $user->setAuthKey($authkey); - $user->refreshSession(); //set the hash. + $user->refreshSession(true); //set the hash. //Log login info... $msg=sprintf('%s (%s) logged in [%s]', diff --git a/include/class.usersession.php b/include/class.usersession.php index 9244009ab82496aca5d3115376630cadd329553b..31c4ce058d50939e10dabda80fe736ab3095c83f 100644 --- a/include/class.usersession.php +++ b/include/class.usersession.php @@ -133,7 +133,6 @@ class ClientSession extends EndUser { } function refreshSession($force=false){ - $time = $this->session->getLastUpdate($this->token); // Deadband session token updates to once / 30-seconds if (!$force && time() - $time < 30)