Timeout in globals not being honored?

In globals we have the Idle Session Timeout value set to 7200 seconds. The session times out long before this. Is it not honoring this value? Is there something else that needs to be configured. Clinical and front office staff claim that this did not happen in v5.0.2.

OpenEMR Version
6.0.0 patch 1

Chrome, latest version

Operating System
Reproduced on macOS, W10, etc.

Not sure what logs to check on this one.

I do see some of these in the logs:
[02-Jun-2021 16:25:09 America/Denver] PHP Warning: session_destroy(): Trying to destroy uninitialized session in /home/xxxxxxx/public_html/emr/src/Common/Session/SessionUtil.php on line 231

And a whole bunch of these:
[02-Jun-2021 16:24:59 America/Denver] OpenEMR CSRF token authentication error

hi @midder, some recent work fixing the timeout will be in the next patch.

Thanks @stephenwaite. Are you aware of a workaround in the meantime? I’m getting a bit of grief over the issue from providers having their notes disappear while with patients.

Is this related to PR 4439?

try these 4 commits (in this order) from the rel-600 branch:

  1. Fix for "Site ID is missing from session data!" when session expires.… · openemr/openemr@033d2fb · GitHub
  2. fix for removal of require in recent work to auth.inc · openemr/openemr@bb46c12 · GitHub
  3. updated timeout mechanism (#4439) · openemr/openemr@1a2a32f · GitHub
  4. incremented v_js_includes · openemr/openemr@748340a · GitHub

Thanks @brady.miller. Will give it a try and report back.

Seems to work well from my own testing.

I’ll wait to hear from the providers and other staff in the morning and then will mark as the solution if no issues.

Thanks for the help.

Guess I spoke too soon there. Staff still saying it’s no different than yesterday.

How close are we to patch 2?

hello @midder, pretty close, here’s a beta version of what will be created.

patch2-beta.zip (688.5 KB)

For what it’s worth, I had a problem like this (losing notes due to time out) from the time I began using OpenEMR last year (5.2, then 6.0). I checked all the OpenEMR settings, and what finally worked was changing a setitng outside of OpenEMR - an Apache config, I think. I will see if I can find what it was - unless you think this can’t be the problem - for example, if everything was working fine before.

Addendum: I think it was in php.ini, session.gc_maxlifetime = 14400 . This seemed to solve the problem I was having, not sure if yours is the same.

We never had issues prior to v6. Our EMR timeout is 2 hours and has been for years.

Since this has been acknowledged by the developers I would think that the particular issue we are hitting here is code related. I’ll review our php settings as well.

The php.ini setting change has fixed your issue in v6?