Search Help Board

PHP FAQ
PHP Articles
PHP Help
Bulletin Board

PHP Manual (NEW!)
First Time PHP'ers
Help with programming
Sql assignment help
PHP Homework Help


 
 is this normal?
Author:  (203.106.219.---)
Date:   02-27-04 16:39

hi...
i would like to ask something..
regarding session().. i am currently using session() for a library tracking system for my project. there can be more than one user using the system. yet, if either one of the users logout(i'm using session_destroy() to destroy the session), all the other users session will be expired. n they have to relogin to navigate thru the system.

i was thinking of using the session_unregister() but it seems like it still allows the user to go back to the previous page and use the system.

is this normal? i mean in using session?....

thank you

 Re: is this normal?
Author:  (---.ym.rnc.net.cable.rogers.com)
Date:   02-28-04 11:03

Sessions depend on a timeout value to expire. The default for most sessions is 20mins, this can be altered in the php.ini file or via the webserver software. Combine sessions with a page expiry and the user will not be allowed to move back hru past pages. You can use session_unregister when the user logs out, but its kinda done automatically when the session times out

hth

 Re: is this normal?
Author:  (203.106.219.---)
Date:   02-29-04 16:07

Hm..to give a more detail situation..
as for the system i'm developing, after the session_start() on every page, i'll check the session registered...

<?php
session_start();
if(!session_is_registered('user_id')) {
header ("location:/pageexpired.php");
}
else {
//the rest of the code
}
?>

this actually to ensure that if the user has signed out or logged off, perhaps they can click on the back button on the menu bar, but as they click on the links in the webpage, they will automatically link to the pageexpired.php...i make like this bcoz i'm not sure how to enable the back button after a user has logoff.

and if i use the session_unregister(), it seems that the 'user-id' is still registered in the session. This is told by the accessability that the user still has even after clicking the 'logoff' button. Do you have any idea what setting(s) went wrong?..

Btw, i'll try to minimize the timeout value for the session. Will c n inform the result from it.

Thanks in advance.

Go to Top  |  Go to Topic  |  Threaded View  |  Search 
  |  
New Topic
 Reply To This Message
 Your Name:
 Your Email:
 Subject:
Email replies to this thread, to the address above.
  

Provided By
Phorum