New WordPress Plugin to configure user timeouts

December 1, 2010 · by nathan · in Giving back

I published my second plugin for WordPress today. It lets you configure how long user sessions and the “remember me” cookie last. By default they’re only 2 days and 2 weeks, respectively.

Twofold impetus: a problem with the internal P2 microblog at work when people like me left their browsers open for long periods, and the fact that I access too many WordPress blogs from too many different computers for the 2 week “Remember Me” timeout to be convenient enough. Cranking it up to 22 years!

The WordPress documentation is pretty great BTW.

And it was a little bit interesting to run in to the Year 2038 problem with 32-bit int timestamps. I don’t know, it was fun working around the “infinity” ceiling:

  if ( PHP_INT_MAX - time() < $expire_in ) {
    $expire_in =  PHP_INT_MAX - time() - 5;
  }

Tags: plugin, wordpress

3 Responses

Mick Billingsley February 24, 2011 at 10:07 am ·

Is there a way to set this so that the cookies expire when the browser is closed. It makes my families nervous that if they come back to the site the password protected information is visible because they’ve have previously logged in and the cookie has yet to expire. My explanation of this doesn’t satisfy them and I’d like to just have it require your login for each browser session. Thanks for your help.

-Mick
nathan February 25, 2011 at 7:24 pm ·

Mick, it sounds like you’re talking about password-protected private posts, and I’m not sure they have the same login cookie.

I think the main WordPress login cookie normally expires when the browser is closed unless the “Remember me” box is checked. But if you’re worried about someone using your browser cookies, you should use features like Chrome’s Incognito, or Firefox or Safari’s Private Browsing modes. When you close those browsers they will delete any cookies you used while they’re open.
Jayne September 15, 2013 at 6:44 pm ·

Hi Nathan Have you thought of extending this to Protected Pages, but setting the cookie expiry time to a couple of (or zero) seconds so that a user has to re-enter the password every time they visit the page, The current expiry time is about 10 days and creates problems if protected pages are viewed on Public Computers (Libraries).

This seems to be a fairly common request, but so far every one says to modifying the wp-login.php file to alter the Protected Page Cookie expiry time. I tried setting the time to 10 seconds and the Protected Pages worked as I wanted. The down side of this method is that if you upgrade WP to a later version, the changes will be overwritten.

Any chance of a plugin to shorten the Protected Pages cokkie

Jayne

Leave a Reply Click here to cancel reply.

← Isolating which rogue program is trying to access the Internet using Windows 7

Parsing ISO 8601 dates in JavaScript →

Thanks for visiting my blog. I hope you find it useful.

If you have benefitted from something here, please consider helping me spread the word about my first iOS app, Teüna. It’s a chromatic tuner for any instrument or voice and it runs on iPhone, iPad and iPod Touch. I've taken special care to make it elegant, fast, and accurate, and I think it's honestly the best tuner on the App Store for everyday use.

If you could take a minute to mention Teüna to any musician, student, teacher or parent you know who might like it, I'd really appreciate it. If you're feeling really generous, App Store reviews are the best way to thank me!

New WordPress Plugin to configure user timeouts

3 Responses

Leave a Reply Click here to cancel reply.

Can you help me too?

Search

I’ve written about

Recently del.icio.us

Spam Blocked

Meta