From 68de3a71b930f55c0713197c745263e088601b0b Mon Sep 17 00:00:00 2001
From: Focuslinkstech <45756999+Focuslinkstech@users.noreply.github.com>
Date: Thu, 12 Sep 2024 11:39:45 +0100
Subject: [PATCH] if admin session time error, it logout admin out whether
 admin are online or not, once time reach it logout you out

---
 system/autoload/Admin.php | 32 +++++++++++++++++---------------
 1 file changed, 17 insertions(+), 15 deletions(-)

diff --git a/system/autoload/Admin.php b/system/autoload/Admin.php
index 66052cda..18d016c6 100644
--- a/system/autoload/Admin.php
+++ b/system/autoload/Admin.php
@@ -13,25 +13,27 @@ class Admin
     {
         global $db_pass, $config;
         $enable_session_timeout = $config['enable_session_timeout'];
-        if ($enable_session_timeout) {
-            $timeout = 60;
-            if ($config['session_timeout_duration']) {
-                $timeout = intval($config['session_timeout_duration']);
+        $session_timeout_duration = $config['session_timeout_duration'] ? intval($config['session_timeout_duration'] * 60) : intval(60 * 60); // Convert minutes to seconds
+
+        // Check if the session is active and valid
+        if (isset($_SESSION['aid']) && isset($_SESSION['aid_expiration'])) {
+            if ($_SESSION['aid_expiration'] > time()) {
+                if ($enable_session_timeout) {
+                    $_SESSION['aid_expiration'] = time() + $session_timeout_duration;
+                }
+                return $_SESSION['aid'];
+            }
+            // Session expired, log out the user
+            elseif ($enable_session_timeout && $_SESSION['aid_expiration'] <= time()) {
+                self::removeCookie();
+                session_destroy();
+                _alert(Lang::T('Session has expired. Please log in again.'), 'danger', "admin");
+                return 0;
             }
-            $session_timeout_duration = $timeout * 60; // Convert minutes to seconds
         }
 
-        if (isset($_SESSION['aid']) && isset($_SESSION['aid_expiration']) && $_SESSION['aid_expiration'] > time()) {
-            return $_SESSION['aid'];
-        } elseif ($enable_session_timeout && isset($_SESSION['aid']) && isset($_SESSION['aid_expiration']) && $_SESSION['aid_expiration'] <= time()) {
-            self::removeCookie();
-            session_destroy();
-            _alert(Lang::T('Session has expired. Please log in again.'), 'danger', "admin");
-            return 0;
-        }
-        // Check if cookie is set and valid
+        // Check if the cookie is set and valid
         elseif (isset($_COOKIE['aid'])) {
-            // id.time.sha1
             $tmp = explode('.', $_COOKIE['aid']);
             if (sha1($tmp[0] . '.' . $tmp[1] . '.' . $db_pass) == $tmp[2]) {
                 if (time() - $tmp[1] < 86400 * 7) {