Questions about user session timeouts

[bodyjewelrystores]

Hi,

Three questions:

1 --- One of our customers has complained that he took a 1 hour lunch break from filling out a large order, and when he came back his session had expired and the cart contents were gone. So I increased "Configuration > My Store > Admin Session Time Out in Seconds" to 7200 (2 hours).

But then I checked the "session.gc_maxlifetime" variable (in "Tools > Server Info") and there are two columns there: "Local Value" = 7200 and "Master Value" = 1440.
What is this "master value" and how does it affect the changes I made? I'm guessing its something set by our web hosts? Does it override my setting?

2 --- The customer was not logged in when he was adding items to the cart, and it seems like the cart contents are lost permanently. Is there any way to retrieve the cart contents for him? (our session cache method is set to "file").

3 --- Is there any way to force customers to log in before any item can be added to cart?
Our server is pretty slow - so until we can move to a faster one, we would like to avoid "total loss" this way, at least the cart contents will come back when the customer logs in again.......

Thanks.

[DrByte]

1. The admin timeout setting is for the admin side only.
The "master" is the server-wide setting which applies if you don't override it.
The "local" value is the setting currently active by your override, and takes effect over the "master" value.

2. Sorry, no, if he wasn't logged in, his cart contents are gone.

3. If you change your customer mode to "must be logged in to see prices", they can still poke around but can't add to cart until they log in.
Admin->Configuration->Customer Details->Customer Shop Status - View Shop and Prices

Customer Shop Status - View Shop and Prices
Customer must be approved to shop?
0= Not required
1= Must login to browse
2= May browse but no prices unless logged in
3= Showroom Only

Or, you could just put up a note on the page telling them to login if they want their in-progress cart to be stored between now and when they do their checkout.

[bodyjewelrystores]

Hi DrByte,

Thanks for your reply.
So.....

1 - "The admin timeout setting is for the admin side only" - so is there anything else I need to change in order to control the user session lifetime?
Or, if the "Local Value" for "session.gc_maxlifetime" is already 7200, then I don't need to worry about it?

2 - "must be logged in to see prices" - yes, we've considered using that option, but we would still like everyone to be able to see prices, even if they're not logged in... the only thing we would like to prevent is adding items to the cart.
Is there any quick way to add a check to the php code, when someone is adding a product to the cart, which would redirect the user to the login page if they're not signed in yet?

Once again, many thanks.