if you upgrade, it might affect you in one way: because we introduced
an idle timeout the session could expire earlier (default value is 600
The "hard" timeout is unchanged and will expire the session in any
case after 1200 seconds (default value).

Could we discuss why the code uses $_SERVER["REQUEST_TIME"] for the
current time?

And I think it should be more consistent: we use
$_SERVER["REQUEST_TIME"] to check for a timeout but we use time() to
actually set/update
the values.


Reply via email to