I have a custom build of a SecurityAssist site for a client's intranet. They have integrated it into their own systems (ActiveDirectory) and all is working fine apart from one thing - I think their php.ini settings are set to keep users logged in indefinitely, however the session values I have used extensively throughout the site to display relevant content are expiring after an hour. This results in the user remaining logged in, but if they have been inactive for an hour and then go back to it and refresh, all they can see is a lot of empty boxes! Normally of course the user would be logged out automatically when these sessions expire and so they wouldn't see this happening.
I've read the forums and Googled but everything I've found so far points to it being something in their php.ini file. I wondered though if there is anything in the Webassist files that sets a session expiry value? I did a global site search for "3600" seconds and found this in the kfm/j/all.php file:
header('Expires: '.gmdate("D, d M Y H:i:s", time() + 3600*24*365).' GMT');
Also in a few other places but I don't know what they control. I don't want to change anything without knowing whether it will mess anything up!