What about HTTP_REFERER - is there someway I could incorporate it to so if the user didn't come from xxx (a page on my site) then kill the session and redirect him to the login page...
----- Original Message ----- From: "Jason Wong" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, March 21, 2003 1:34 AM Subject: Re: [PHP] Sessions question > On Friday 21 March 2003 13:57, Beauford.2002 wrote: > > > I have read some posts to this list on sessions and have read as much as I > > can find on them, but one problem still exists which I can't figure out. > > How do I kill the session when the user leaves my site. > > There is simply no way to tell when a user 'leaves' your site. PHP > automatically cleans up sessions that have been idle for some time (see > php.ini). > > > So if a user is on > > www.mine.com and logs in successfully, then goes to www.hers.com - the user > > should have to log in again once coming back to www.mine.com, but at > > present the user is still logged in - and all variables are still set. > > The only way to be sure someone has logged out is to present them with a > logout link which when clicked will clear the session. > > -- > Jason Wong -> Gremlins Associates -> www.gremlins.biz > Open Source Software Systems Integrators > * Web Design & Hosting * Internet & Intranet Applications Development * > ------------------------------------------ > Search the list archives before you post > http://marc.theaimsgroup.com/?l=php-general > ------------------------------------------ > /* > I would much rather have men ask why I have no statue, than why I have one. > -- Marcus Procius Cato > */ > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
