From d235e12e2f386607638e5380692e5d4372ad23d3 Mon Sep 17 00:00:00 2001 From: JB Date: Fri, 15 Nov 2024 15:24:07 +0000 Subject: [PATCH] [3e493e23] - Added openshift yaml manifests - Improve db connect method - Added a dedicated page to display in case of fatal error - Added a session timeout to automatically logoff the user after 30 minutes of inactivity - configurable by user - Change selected material color to yellow in formula making for better descrimination - Various minor updates and code clean-up - Added a function to convert session time to hours/mins --- CHANGELOG.md | 5 +++ core/ajax-session.php | 50 +++++++++++++++++++---- core/auth.php | 29 ++++++++++++++ core/configureSystem.php | 11 ++--- core/core.php | 7 +++- css/vault.css | 2 +- func/convertTime.php | 19 +++++++++ inc/opendb.php | 14 +++---- inc/sec.php | 21 ++++++++++ index.php | 7 ---- js/validate-session.js | 8 ++-- logout.php | 17 ++++++-- pages/error.php | 32 +++++++++++++++ pages/formula.php | 62 ++++++++++++++++------------- pages/makeFormula.php | 37 +++++++++-------- pages/views/formula/getFormMeta.php | 14 +++---- pages/views/settings/general.php | 12 +++++- releasenotes.md | 19 +++++++++ 18 files changed, 280 insertions(+), 86 deletions(-) create mode 100644 func/convertTime.php create mode 100644 pages/error.php diff --git a/CHANGELOG.md b/CHANGELOG.md index 569d430c..3bba40d9 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -24,6 +24,11 @@ - Removed user alert to reload formula settings pages when making a changes - Added openshift yaml manifests - Improve db connect method +- Added a dedicated page to display in case of fatal error +- Added a session timeout to automatically logoff the user after 30 minutes of inactivity - configurable by user +- Change selected material color to yellow in formula making for better descrimination +- Various minor updates and code clean-up +- Added a function to convert session time to hours/mins ### Version 11.9 - Added system logs access via the UI for docker/cloud installations - this comes disabled by default diff --git a/core/ajax-session.php b/core/ajax-session.php index fdafd087..4c1adf53 100644 --- a/core/ajax-session.php +++ b/core/ajax-session.php @@ -1,14 +1,50 @@ $session_timeout) { + session_unset(); + session_destroy(); + + echo json_encode( + array( + 'session_status' => false, + 'session_timeout' => $session_timeout, + 'session_time' => $_SESSION['parfumvault_time'] ?? null + ) + ); + return; } -if(!isset( $_SESSION['parfumvault']) || $_SESSION['parfumvault'] == false) { - //expired - echo "-1"; +if(!isset( $_SESSION['parfumvault']) || $_SESSION['parfumvault'] === false) { + //session is expired + echo json_encode( + array( + 'session_status' => false, + 'session_timeout' => $session_timeout, + 'session_time' => $_SESSION['parfumvault_time'] ?? null + ) + ); session_destroy(); } else { - //not expired - echo "1"; + //session is valid + echo json_encode( + array( + 'session_status' => true, + 'session_timeout' => $session_timeout, + 'session_time' => $_SESSION['parfumvault_time'] + ) + ); } ?> diff --git a/core/auth.php b/core/auth.php index 1196d2e8..be5ef43f 100644 --- a/core/auth.php +++ b/core/auth.php 
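Review bot: In the first expired branch of core/ajax-session.php, `'session_time' => $_SESSION['parfumvault_time'] ?? null` is evaluated after `session_unset()` has already emptied `$_SESSION`, so the field is always null; read the value into a local before the unset, or drop the field from the payload. The two expired branches also differ in order (destroy-then-echo versus echo-then-destroy) and in whether `session_unset()` is called; one small helper that builds the `session_status => false` payload and then tears the session down would keep them identical. The opening lines of this file are not visible in this extract, so I cannot tell whether the timeout check here also refreshes `parfumvault_time`; since js/validate-session.js polls this endpoint every 5 seconds, a refresh here would keep the session alive indefinitely, so the check should stay read-only.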
@@ -4,6 +4,12 @@ require_once(__ROOT__.'/inc/opendb.php'); +if(strtoupper(getenv('PLATFORM')) === "CLOUD"){ + $session_timeout = getenv('SYS_TIMEOUT') ?: 1800; +} else { + require_once(__ROOT__.'/inc/config.php'); +} + if($_POST['action'] == 'login'){ if(empty($_POST['email']) || empty($_POST['password'])){ @@ -20,9 +26,32 @@ if($row['id']){ if (session_status() === PHP_SESSION_NONE) { + session_set_cookie_params([ + 'lifetime' => $session_timeout, // Set cookie lifetime to 30 minutes + 'path' => '/', // Make the cookie accessible throughout the domain + 'secure' => isset($_SERVER['HTTPS']), // Secure cookie if using HTTPS + 'httponly' => true, // Prevent JavaScript from accessing the cookie + 'samesite' => 'Strict', // Protect against CSRF attacks + ]); session_start(); } + if (isset($_SESSION['parfumvault_time'])) { + if ((time() - $_SESSION['parfumvault_time']) > $session_timeout) { + session_unset(); + session_destroy(); + + $response['auth']['error'] = true; + $response['auth']['msg'] = 'Session expired. Please log in again.'; + echo json_encode($response); + return; + } else { + $_SESSION['parfumvault_time'] = time(); + } + } else { + $_SESSION['parfumvault_time'] = time(); + } + $_SESSION['parfumvault'] = true; $_SESSION['userID'] = $row['id']; if($_POST['do']){ diff --git a/core/configureSystem.php b/core/configureSystem.php index 7d2a9c35..f23cf1ff 100644 --- a/core/configureSystem.php +++ b/core/configureSystem.php 
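Review bot: `$session_timeout = getenv('SYS_TIMEOUT') ?: 1800;` in the new CLOUD branch of core/auth.php leaves the value as a string, and a non-numeric SYS_TIMEOUT would then reach `session_set_cookie_params(['lifetime' => ...])` and the `>` comparison below; cast it, `$session_timeout = (int)(getenv('SYS_TIMEOUT') ?: 1800);`, and treat a result of 0 as the default. The same line is added in the inc/opendb.php and inc/sec.php hunks. On the non-CLOUD path the value comes from inc/config.php, and a config.php generated before this commit (core/configureSystem.php only now writes `$session_timeout = 1800;`) leaves it undefined, so `(time() - $_SESSION['parfumvault_time']) > null` in sec.php would be true as soon as one second has elapsed and every upgraded installation would be logged out on its second request; a guard such as `$session_timeout = (int)($session_timeout ?? 1800);` after the if/else in auth.php and sec.php (and before `convertTime($session_timeout)` in pages/views/settings/general.php) covers that case.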
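Review bot: The stale-timestamp check inside `if($row['id'])` runs after the credentials have just been verified, so a leftover `parfumvault_time` (for instance from a login form submitted in a tab left open past the timeout) turns a correct login into 'Session expired. Please log in again.' and the user has to submit twice; at this point the timestamp should simply be overwritten, and the whole if/else can become `session_regenerate_id(true);` followed by `$_SESSION['parfumvault_time'] = time();`, which also gives the authenticated session a fresh id before `$_SESSION['parfumvault'] = true` is set. `'lifetime' => $session_timeout` is applied once at login and, as far as this patch shows, the cookie is not re-issued on later requests, so the browser drops it `$session_timeout` seconds after login regardless of activity — a fixed lifetime rather than the inactivity timeout the changelog describes; with the server-side sliding window a lifetime of 0 (browser session) is the simpler choice. The comment `// Set cookie lifetime to 30 minutes` no longer matches the configurable value, and `'secure' => isset($_SERVER['HTTPS'])` is true on servers that set `HTTPS` to `"off"`, so `!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off'` is the safer test. The enclosing `if($row['id'])` block continues outside the hunk.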
@@ -94,13 +94,14 @@ $tmp_path = "/tmp/"; $allowed_ext = "pdf, doc, docx, xls, csv, xlsx, png, jpg, jpeg, gif"; $max_filesize = "4194304"; //in bytes +$session_timeout = 1800; //Time in seconds ?> '; - if (session_status() === PHP_SESSION_NONE) { - session_start(); - } - $_SESSION['parfumvault'] = true; - $_SESSION['userID'] = mysqli_insert_id($link); + if (session_status() === PHP_SESSION_NONE) { + session_start(); + } + $_SESSION['parfumvault'] = true; + $_SESSION['userID'] = mysqli_insert_id($link); }else{ $response['error'] = 'DB Schema Creation error. Make sure the database exists in your mysql server and its empty.'; diff --git a/core/core.php b/core/core.php index 17f181e7..85618b06 100644 --- a/core/core.php +++ b/core/core.php @@ -1572,15 +1572,18 @@ function formatVal($num){ } if(mysqli_num_rows(mysqli_query($conn, "SELECT name FROM formulasMetaData WHERE name = '$value'"))){ $response["error"] = 'Name already exists'; + echo json_encode($response); + }else{ mysqli_query($conn, "UPDATE formulasMetaData SET name = '$value' WHERE id = '$id'"); if(mysqli_query($conn, "UPDATE formulas SET name = '$value' WHERE fid = '$fid'")){ - $response["success"] = 'Formula renamed.'; + $response["success"] = 'Formula renamed'; $response["msg"] = $value; + echo json_encode($response); } } - echo json_encode($response); + return; } diff --git a/css/vault.css b/css/vault.css index 7622f129..557a31a0 100755 --- a/css/vault.css +++ b/css/vault.css @@ -1109,7 +1109,7 @@ table#tdDataPending.dataTable thead:hover { } */ .pv-transition td { - background-color: var(--bs-secondary-bg); + background-color: var(--bs-warning-border-subtle); } .schedule_details { diff --git a/func/convertTime.php b/func/convertTime.php new file mode 100644 index 00000000..31bf4f99 --- /dev/null +++ b/func/convertTime.php @@ -0,0 +1,19 @@ + $hours, + 'minutes' => $remainingMinutes, + ]; +} + +?> \ No newline at end of file diff --git a/inc/opendb.php b/inc/opendb.php index 3f4e66e3..0241379a 100755 
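Review bot: The rename branch in core/core.php now sends no response at all when the second `UPDATE formulas` query fails: `echo json_encode($response);` moved inside the success `if`, so the caller in pages/views/formula/getFormMeta.php receives an empty body with nothing to branch on; keep the echo after the if/else as before, or set `$response["error"]` in that case. The result of the first `UPDATE formulasMetaData` is still ignored, so a failure there leaves the two tables out of step. `$value`, `$id` and `$fid` are interpolated into the SQL strings; whether they are escaped is decided above the hunk, so a prepared statement here would make that independent of the caller. The enclosing block begins outside the hunk.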
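Review bot: The new func/convertTime.php ends with a closing `?>` tag and no trailing newline; in a PHP-only file the closing tag should be omitted, because any byte after it is sent as output before headers. The return shape `['hours' => ..., 'minutes' => ...]` would benefit from a `@return array{hours:int, minutes:int}` docblock so callers such as pages/views/settings/general.php know the keys. The function's signature is not visible in this extract.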
--- a/inc/opendb.php +++ b/inc/opendb.php @@ -8,7 +8,8 @@ if(strtoupper(getenv('PLATFORM')) === "CLOUD"){ if(!getenv('DB_HOST') || !getenv('DB_USER') || !getenv('DB_PASS') || !getenv('DB_NAME')){ - echo 'Required parameters not found. Please make sure your provided all the required variables as per documentation'; + $error_msg = 'Required parameters not found. Please make sure your provided all the required variables as per documentation'; + require_once(__ROOT__.'/pages/error.php'); exit; } @@ -16,13 +17,13 @@ $dbuser = getenv('DB_USER'); $dbpass = getenv('DB_PASS'); $dbname = getenv('DB_NAME'); - + $tmp_path = getenv('TMP_PATH') ?: "/tmp/"; $allowed_ext = getenv('FILE_EXT') ?: "pdf, doc, docx, xls, csv, xlsx, png, jpg, jpeg, gif"; $max_filesize = getenv('MAX_FILE_SIZE') ?: "4194304"; $bkparams = getenv('DB_BACKUP_PARAMETERS') ?: '--column-statistics=1'; - $sysLogsEnabled = strtoupper(getenv('SYS_LOGS')) === 'ENABLED' || getenv('SYS_LOGS') === '1'; + $session_timeout = getenv('SYS_TIMEOUT') ?: 1800; $conn = dbConnect($dbhost, $dbuser, $dbpass, $dbname); @@ -39,10 +40,9 @@ function dbConnect(string $dbhost, string $dbuser, string $dbpass, string $dbnam mysqli_set_charset($conn, "utf8"); return $conn; } catch (mysqli_sql_exception $e) { - $msg = "Database connection error: " . $e->getMessage(); - $response["error"] = $msg; - echo json_encode($response); - error_log($msg); + $error_msg = "Database connection error: " . $e->getMessage(); + require_once(__ROOT__.'/pages/error.php'); + error_log($error_msg); return false; // Return false on failure } } diff --git a/inc/sec.php b/inc/sec.php index 7cbf5deb..a405d099 100755 --- a/inc/sec.php +++ b/inc/sec.php 
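Review bot: The marker before `$sysLogsEnabled = strtoupper(getenv('SYS_LOGS')) === 'ENABLED' || getenv('SYS_LOGS') === '1';` in the CLOUD branch reads as a removal, with `$session_timeout = getenv('SYS_TIMEOUT') ?: 1800;` added in its place; if that is what the hunk does, the system-logs switch added in 11.9 disappears on cloud installs and anything reading `$sysLogsEnabled` sees null. The collapsed patch text makes the marker placement ambiguous, so please confirm against the real diff and keep both lines if the removal is unintended. The first change, `$error_msg = ...; require_once(__ROOT__.'/pages/error.php'); exit;`, is the right pattern for a fatal configuration error.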
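Review bot: The catch block in `dbConnect()` renders `$e->getMessage()` from mysqli into pages/error.php, and those messages typically carry the database host, user name or the reason for refusal; the old JSON echo exposed the same text, so this is the moment to keep the full text in `error_log()` only and pass a generic `$error_msg = 'Database connection error.';` to the page. After the page is rendered the function still does `return false;`, so the caller continues with `$conn === false` and whatever follows is emitted after the error page's closing markup; the sibling change earlier in this file uses `exit;` after the require, which this branch should mirror. Callers that expected the removed `echo json_encode($response)` (AJAX entry points) now receive an HTML document instead.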
@@ -17,6 +17,27 @@ session_start(); } +if(strtoupper(getenv('PLATFORM')) === "CLOUD"){ + $session_timeout = getenv('SYS_TIMEOUT') ?: 1800; +} else { + require_once(__ROOT__.'/inc/config.php'); +} + +if (isset($_SESSION['parfumvault_time'])) { + if ((time() - $_SESSION['parfumvault_time']) > $session_timeout) { + session_unset(); + session_destroy(); + $response['auth']['error'] = true; + $response['auth']['msg'] = 'You have been automatically logged out due to inactivity of '.$session_timeout.' seconds. Please log in again. '; + echo json_encode($response); + return; + } else { + $_SESSION['parfumvault_time'] = time(); + } +} else { + $_SESSION['parfumvault_time'] = time(); +} + if(!isset($_SESSION['parfumvault'])){ if($_GET['do']){ $redirect = '?do='.$_GET['do']; diff --git a/index.php b/index.php index 78e8cdbe..bd81b310 100755 --- a/index.php +++ b/index.php @@ -10,15 +10,8 @@ } require_once(__ROOT__.'/inc/product.php'); require_once(__ROOT__.'/inc/opendb.php'); - -//require_once(__ROOT__.'/func/checkIng.php'); -//require_once(__ROOT__.'/func/searchIFRA.php'); -//require_once(__ROOT__.'/func/formatBytes.php'); -//require_once(__ROOT__.'/func/countElement.php'); - require_once(__ROOT__.'/func/countPending.php'); require_once(__ROOT__.'/func/countCart.php'); -//require_once(__ROOT__.'/func/pvOnline.php'); require_once(__ROOT__.'/func/getIngSupplier.php'); require_once(__ROOT__.'/inc/settings.php'); diff --git a/js/validate-session.js b/js/validate-session.js index 22dffa51..ac644180 100644 --- a/js/validate-session.js +++ b/js/validate-session.js @@ -1,9 +1,11 @@ function session_checking() { $.post("/core/ajax-session.php", function(data) { - if(data == "-1"){ - //alert("Your session has been expired!"); + const response = JSON.parse(data); + + if (response.session_status === false) { location.reload(); } + }); } -var validateSession = setInterval(session_checking, 5000); \ No newline at end of file +var validateSession = setInterval(session_checking, 5000); 
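Review bot: On expiry the new block in inc/sec.php echoes a JSON document and `return`s, but sec.php is required by HTML pages (pages/views/settings/general.php in this same patch), so a user whose session timed out while browsing gets a raw JSON blob instead of the login redirect that the existing `if(!isset($_SESSION['parfumvault']))` block below already produces. Since `session_unset()` has cleared `$_SESSION['parfumvault']`, dropping the `echo json_encode($response); return;` lines lets that redirect handle it. The sliding refresh `$_SESSION['parfumvault_time'] = time();` runs on every request that includes sec.php; js/validate-session.js polls /core/ajax-session.php every 5 seconds, and if that script (its opening lines are not visible here) goes through sec.php, the poll itself keeps the session alive and the inactivity timeout never fires, so the poll must read the timestamp without refreshing it.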
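Review bot: `JSON.parse(data)` in `session_checking` throws if the body is not a JSON string — for example the HTML that pages/error.php now produces when the database is unreachable, or an already-parsed object if ajax-session.php sends a JSON content type (its opening lines are not visible here) — and an uncaught exception in the `$.post` callback means the reload never happens. Let jQuery parse it by passing the data type, `$.post("/core/ajax-session.php", function (response) { if (response.session_status === false) { location.reload(); } }, "json");`, so a non-JSON body goes to the request's fail path instead of throwing. The payload fields `session_timeout` and `session_time` are never read on this side, so the server could send `session_status` alone.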
diff --git a/logout.php b/logout.php index bd664bd6..3cf034b4 100644 --- a/logout.php +++ b/logout.php @@ -1,7 +1,18 @@ diff --git a/pages/error.php b/pages/error.php new file mode 100644 index 00000000..5fbfd5cd --- /dev/null +++ b/pages/error.php @@ -0,0 +1,32 @@ + + + + + + + + Error + + + + + + + + + + +
+
+
+
Error...
+
+

It looks like you found a glitch in the matrix...

+ Back to Dashboard +
+
+
+ + \ No newline at end of file diff --git a/pages/formula.php b/pages/formula.php index 83d931e9..c30c5d28 100755 --- a/pages/formula.php +++ b/pages/formula.php @@ -1,36 +1,37 @@ @@ -46,8 +47,15 @@ }
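Review bot: pages/error.php is included by inc/opendb.php with `$error_msg` set, in the `dbConnect()` path, from a driver-generated exception message, and the markup of this new file is mostly lost in the extract, so I cannot see whether the variable is printed; if it is, it must go through `htmlspecialchars($error_msg, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` rather than being echoed raw. The page also does not set an HTTP error status; if no output has been sent yet, `http_response_code(500);` before the markup lets monitoring and the 5-second session poll tell this page apart from a normal response. The 'Back to Dashboard' link leads to a page that needs the very connection that just failed, so a retry wording may serve the user better.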
- -
+ +
diff --git a/pages/makeFormula.php b/pages/makeFormula.php index 31634b7c..794b48a8 100644 --- a/pages/makeFormula.php +++ b/pages/makeFormula.php @@ -16,22 +16,22 @@ $fid = mysqli_real_escape_string($conn, $_GET['fid']); -if(mysqli_num_rows(mysqli_query($conn, "SELECT id FROM formulasMetaData WHERE fid = '$fid'")) == FALSE){ - echo 'Formula doesn\'t exist'; - return; -} -$meta = mysqli_fetch_array(mysqli_query($conn, "SELECT name FROM formulasMetaData WHERE fid = '$fid'")); -if(!mysqli_num_rows(mysqli_query($conn, "SELECT id FROM makeFormula WHERE fid = '$fid' AND toAdd = '1'"))){ - $msg = ''; - -} - -$qS = mysqli_query($conn, "SELECT id,name FROM ingSuppliers ORDER BY name ASC"); -while($res = mysqli_fetch_array($qS)){ - $res_ingSupplier[] = $res; +if(mysqli_num_rows(mysqli_query($conn, "SELECT id FROM formulasMetaData WHERE fid = '$fid'"))){ + $meta = mysqli_fetch_array(mysqli_query($conn, "SELECT name FROM formulasMetaData WHERE fid = '$fid'")); + if(!mysqli_num_rows(mysqli_query($conn, "SELECT id FROM makeFormula WHERE fid = '$fid' AND toAdd = '1'"))){ + $msg = ''; + + } + + $qS = mysqli_query($conn, "SELECT id,name FROM ingSuppliers ORDER BY name ASC"); + while($res = mysqli_fetch_array($qS)){ + $res_ingSupplier[] = $res; + } + $formula_not_found = false; +} else { + $formula_not_found = true; } - ?> @@ -68,7 +68,13 @@ - +
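Review bot: In the restructured block of pages/makeFormula.php `$meta`, `$msg` and `$res_ingSupplier` are only assigned inside the `if(mysqli_num_rows(...))` branch, so when `$formula_not_found` is true every later use raises an undefined-variable warning unless the rest of the page (the second hunk's markup is not readable in this extract) is fully gated on the flag; initialising `$meta = null; $msg = ''; $res_ingSupplier = [];` before the `if` makes the page safe either way (`$res_ingSupplier` was already undefined before this commit when the supplier table is empty). The same row is queried twice — `SELECT id ... WHERE fid` for the existence test and `SELECT name ... WHERE fid` for `$meta`; a single `$meta = mysqli_fetch_array(mysqli_query($conn, "SELECT name FROM formulasMetaData WHERE fid = '$fid'"));` followed by `$formula_not_found = !$meta;` does both. Consider naming the flag positively (`$formula_exists`) so the template reads `if ($formula_exists)` instead of `if (!$formula_not_found)`.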
@@ -85,7 +91,6 @@
  • Show/hide added
  • -
  • Export as JSON
  • diff --git a/pages/views/formula/getFormMeta.php b/pages/views/formula/getFormMeta.php index 8fcf6928..c61b5d6c 100644 --- a/pages/views/formula/getFormMeta.php +++ b/pages/views/formula/getFormMeta.php @@ -62,11 +62,11 @@
    - +
    - +
    @@ -208,13 +208,13 @@ if(response.success){ $("#getFormMetaLabel").html(response.msg); $("#formula_name").html(response.msg); + $('#set_msg').html(''); }else{ - msg = '
    x' + response.error + '
    '; + $('#set_msg').html('
    x' + response.error + '
    '); } - $('#set_msg').html(msg); - }, - error: function (xhr, status, error) { - $('#set_msg').html('
    An error occurred, check server logs for more info. '+ error +'
    '); + }, + error: function (xhr, status, error) { + $('#set_msg').html('
    An error occurred, check server logs for more info. '+ error +'
    '); } }); diff --git a/pages/views/settings/general.php b/pages/views/settings/general.php index 6dd7d69d..2ab1cf38 100644 --- a/pages/views/settings/general.php +++ b/pages/views/settings/general.php @@ -4,6 +4,10 @@ require_once(__ROOT__.'/inc/sec.php'); require_once(__ROOT__.'/inc/opendb.php'); require_once(__ROOT__.'/inc/settings.php'); +require_once(__ROOT__.'/func/convertTime.php'); + +$session_validity_calc = convertTime($session_timeout); + $cats_q = mysqli_query($conn, "SELECT id,name,description,type FROM IFRACategories ORDER BY id ASC"); while($cats_res = mysqli_fetch_array($cats_q)){ @@ -166,9 +170,15 @@
    +
    +
    + User session validity: + + +
    - +
    diff --git a/releasenotes.md b/releasenotes.md index 00799478..3cefedeb 100755 --- a/releasenotes.md +++ b/releasenotes.md @@ -1,4 +1,23 @@ Whats New in v12.0 -------------------------- - Lids inventory dropped to accessories +- Import json functions update +- Added import for accessories +- Added import for bottles +- Added import for suppliers +- Added import for customers +- Fixed pagination for suppliers +- Formula scaling improvements +- Fix invalid formula update date on empty formulas +- Update empty table message +- Rename sex to gender +- Error handling improvements +- Date Format update +- Auto update image for formulas when uploaded +- Auto update text title and description after a succesfull update for a formula +- Removed user alert to reload formula settings pages when making a changes +- Added openshift yaml manifests +- Added a dedicated page to display in case of fatal error +- Added a session timeout to automatically logoff the user after 30 minutes of inactivity - Please refer to the KB online if you want to change the default value +- Change selected material color to yellow in formula making for better descrimination - This release may include more changes, for full details please refer to the CHANGELOG