Item1094: invalid expiry date for session cookies
Priority: Urgent
Current State: Closed
Released In: 1.0.1
Target Release: patch
Applies To: Engine
Component:
Branches:
Found out why the "remember me" feature never worked.
Summary:
Switching on
ExpireCookiesAfter
gives you this "remember me" checkbox during template login. The engine in turn then sets the expire property of the session cookie to the defined value in the future when the browser is to expire this cookie. This time gets renewed whenever the
browser hits the site again. The format of this timestamp however is parsed differently by the browsers out there. I don't know which browsers are capable of parsing a timeformat
$dow, $day-$month-$ye $hours:$minutes:$seconds GMT
. Most probably
$dow
being the
numerical day in the week is plain wrong. This must be
$wday
. While firefox does parse this date format, it results in some insane time in the future. Other browsers simply ignore it and fall back to expire the cookie at the end of the session (when the browser closes).
--
MichaelDaum - 17 Feb 2009