-
1. Add some documentation to session.php explaining what the session.gc_maxlifetime ini setting does. 2. If we can't access $CFG->session_timeout, use a timeout of an hour instead of the PHP default of 24 minutes. 3. Limit $CFG->session_timeout to 30 days, because we're already enforcing that limit in session.php 4. Add "usr_session.mtime" column so that we can delete old sessions based on inactivity instead of creation date. 5. Make the cron delete old session files as soon as they've expired, rather than padding that an additional two days. Change-Id: I9da2b26217774566b1131e997724359715edb2fe behatnotneeded: Covered by existing tests
0913742c