Try harder to honor LoginCookieValidity setting

Even when it is lower than session.gc_maxlifetime we try to keepalive
the session by AJAX.

Fixes #11231

Signed-off-by: Michal Čihař <michal@cihar.com>

ChangeLog

@@ -76,6 +76,7 @@ phpMyAdmin - ChangeLog
 - issue #12976 Improved foreign key editor behavior
 - issue #12958 Always show error reporting dialog on top
 - issue #12693 Improved support for TokuDB
+- issue #11231 Try harder to honor LoginCookieValidity setting
 
 4.6.6 (2017-01-23)
 - issue #12759 Fix Notice regarding 'Undefined index: old_usergroup'

js/functions.js

@@ -937,15 +937,22 @@ AJAX.registerOnload('functions.js', function () {
                 data: params,
                 success: function (data) {
                     if (data.success) {
-                        var remaining = PMA_commonParams.get('LoginCookieValidity') - _idleSecondsCounter;
+                        if (PMA_commonParams.get('LoginCookieValidity') - _idleSecondsCounter < 0) {
+                            /* There is other active window, let's reset counter */
+                            _idleSecondsCounter = 0;
+                        }
+                        var remaining = Math.min(
+                            /* Remaining login validity */
+                            PMA_commonParams.get('LoginCookieValidity') - _idleSecondsCounter,
+                            /* Remaining time till session GC */
+                            PMA_commonParams.get('session_gc_maxlifetime')
+                        );
+                        var interval = 1000;
                         if (remaining > 5) {
                             // max value for setInterval() function
-                            var interval = Math.min((remaining - 1) * 1000, Math.pow(2, 31) - 1);
-                            updateTimeout = window.setTimeout(UpdateIdleTime, interval);
-                        } else if (remaining > 0) {
-                            // We're close to session expiry
-                            updateTimeout = window.setTimeout(UpdateIdleTime, 1000);
+                            interval = Math.min((remaining - 1) * 1000, Math.pow(2, 31) - 1);
                         }
+                        updateTimeout = window.setTimeout(UpdateIdleTime, interval);
                     } else { //timeout occurred
                         if(isStorageSupported('sessionStorage')){
                             window.sessionStorage.clear();
@@ -958,7 +965,11 @@ AJAX.registerOnload('functions.js', function () {
     }
     if (PMA_commonParams.get('logged_in') && PMA_commonParams.get('auth_type') == 'cookie') {
         IncInterval = window.setInterval(SetIdleTime, 1000);
-        var interval = (PMA_commonParams.get('LoginCookieValidity') - 5) * 1000;
+        var session_timeout = Math.min(
+            PMA_commonParams.get('LoginCookieValidity'),
+            PMA_commonParams.get('session_gc_maxlifetime')
+        );
+        var interval = (session_timeout - 5) * 1000;
         if (interval > Math.pow(2, 31) - 1) { // max value for setInterval() function
             interval = Math.pow(2, 31) - 1;
         }

libraries/Header.php

@@ -252,6 +252,7 @@ public function getJsParams()
             'pftext' => $pftext,
             'confirm' => $GLOBALS['cfg']['Confirm'],
             'LoginCookieValidity' => $GLOBALS['cfg']['LoginCookieValidity'],
+            'session_gc_maxlifetime' => (int)@ini_get('session.gc_maxlifetime'),
             'logged_in' => isset($GLOBALS['userlink']) ? true : false,
             'PMA_VERSION' => PMA_VERSION
         );