new option: SESSION_EXPIRE_TIME

config.php-dist

@@ -113,6 +113,10 @@
 
 	define('SESSION_COOKIE_LIFETIME_REMEMBER', 86400);
 	// Session cookie lifetime if "remember me" is checked on login.
-	
+
+	define('SESSION_EXPIRE_TIME', 86400);
+	// Hard expiration limit for sessions. Should be
+	// >= SESSION_COOKIE_LIFETIME_REMEMBER
+
 	// vim:ft=php
 ?>

sessions.php

@@ -4,7 +4,7 @@
 	require_once "config.php";
 	require_once "db.php";
 
-	$session_expire = 3600; //seconds
+	$session_expire = SESSION_EXPIRE_TIME; //seconds
 
 	ini_set("session.gc_probability", 50);
 	ini_set("session.name", "ttrss_sid");