Merge branch 'MDL-56129-master' of git://github.com/andrewnicols/moodle

diff --git a/lib/classes/session/manager.php b/lib/classes/session/manager.php
index 4d0386b..c75e12b 100644 (file)
--- a/lib/classes/session/manager.php
+++ b/lib/classes/session/manager.php
@@ -252,7 +252,12 @@ class manager {
 
         // Set configuration.
         session_name($sessionname);
-        session_set_cookie_params(0, $CFG->sessioncookiepath, $CFG->sessioncookiedomain, $cookiesecure, $CFG->cookiehttponly);
+        // The session cookie expiry time cannot be extended so this needs to be set to a reasonable period, longer than
+        // the sessiontimeout.
+        // This ensures that the cookie is unlikely to timeout before the session does.
+        $sessionlifetime = $CFG->sessiontimeout + WEEKSECS;
+        session_set_cookie_params($sessionlifetime, $CFG->sessioncookiepath, $CFG->sessioncookiedomain,
+                $cookiesecure, $CFG->cookiehttponly);
         ini_set('session.use_trans_sid', '0');
         ini_set('session.use_only_cookies', '1');
         ini_set('session.hash_function', '0');        // For now MD5 - we do not have room for sha-1 in sessions table.