FrontAccounting forum — System being logged out

Re: System being logged out

2020-01-14T20:05:10Z

Regenerating sessions periodically is used to make session hijacking more difficult. I suppose if you are not concerned about that you could change the code to not do it and it could make debugging easier. But my guess is that following this trail will get cold. The old session is probably the one that is expiring and you don't care about that anyway.

Re: System being logged out

2020-01-14T17:09:01Z

I have debugged the issue in detail and found that calling the below function is making the system being logout.

function regenerateSession()

When in one session.inc call the above function is called and regenerates the new session id

On the next call when

function validateSession() is called it returns false on following condition

if (isset($_SESSION['EXPIRES']) && $_SESSION['EXPIRES'] < time()) {
return false;
}

Any idea? Why regenerate is important? and this condition is failing?

Re: System being logged out

2019-12-18T04:31:40Z

Check the wiki for the last entry in Pre-Requisites.

Re: System being logged out

2019-12-17T12:51:32Z

You can find out what session the browser was using before the logout event and then see if it still exists or is corrupted in some way after the logout event. For Firefox, open the storage inspector with shift F9. The session name is stored as a cookie. After the unexpected logout, look for the session file on the server. If it is gone, then you know that something on the server removed it.

If it is still there, then the problem becomes more interesting, as then you will need to examine the file for clues why FA could not use it. I would also guess that if it were still there, FA would display "authorization timeout" or some other error message.

Note that when a session file is removed unexpectedly, FA will initiate a logout and create a new session. So looking for the session cookie name after logout tells you nothing. FA apparently does not issue an error message if its cookie is gone. The screen display is the same as when a brand new session is initiated with FA.

Re: System being logged out

2019-12-17T07:04:51Z

Sometimes it happens. If you clear your browser cache the issue will be fixed. But I didn't get exact solution within Fa program itself.

Re: System being logged out

2019-12-17T05:28:56Z

@Braath, thanks. The logout is not "Authorization Timeout". Suddenly the main login screen appears. I have increased the session timeout to 36000 secs in both php.ini and company setup.

How can I set a monitoring on Session. Any hint?

Re: System being logged out

2019-12-16T16:16:56Z

If you see the message "Authorization timeout", then FA is the culprit. If not, then the php session was removed/corrupted/not accessible. The php maximum session lifetime is stored in php.ini. On ubuntu, the sessions are stored in /var/lib/php/sessions. You can monitor the session file in this directory and see what happened to it when the client was logged out. What your client was doing in FA at the time should have no bearing on the logout.

System being logged out

2019-12-16T13:41:45Z

One of my clients have 300-400 invoices on daily basis.

While punching invoices, he is facing abnormally system being logged out.

No particular behavior or error is recorded.

Sometimes it logs out after 2 invoices and sometimes after 8 invoices.

Any ideas?