Using framework.session.cookie_lifetime breaks Database Admin

I’m attempting to persist an end-user authentication session after the browser closes and to my knowledge the way to do this is to modify the app/config/config.yml file to include a cookie lifespan of 2592000 (30 days in seconds, where the default is 0).

Setting a value on the framework.session.cookie_lifetime node works as expected and sets the cookie lifespan correctly, however this breaks the Tools > System Info & Tools > Database Administration front-end resources resulting in a bunch of http 500 code errors.

Upon closer inspection the errors displayed on screen for these assets reads “The cookie expiration time is not valid.” originating from Symfony\Component\HttpFoundation\Cookie around this block of code:

// convert expiration time to a Unix timestamp
if ($expire instanceof \DateTimeInterface) {
    $expire = $expire->format('U');
} elseif (!is_numeric($expire)) {
    $expire = strtotime($expire);
    if (false === $expire) {
        throw new \InvalidArgumentException('The cookie expiration time is not valid.');
    }
}

Is there a more correct way to define a cookie lifespan in such a way that doesn’t break this PimCore feature?


Edit:

Some additional info and sleuthing. The date format by the time it makes it to this block of code is similar to Sun, 25-Oct-2020 04 which appears to not be understood by the strtotime() function.

I’m not sure what 04 in this example represents, maybe timezone? If that’s the case, it’s not properly formatted, which in this case, removing it allows it to work with strtotime().

@RedYetiCo There’s already a PR to fix this issue https://github.com/pimcore/pimcore/pull/7171 and will be fixed in v6.7.3

1 Like