For those who don't mind working with Javascript I have found a method of maintaining the sessions to a minimum length. According to the Javascript list there is no way to get the url of the site the user is going to next so there is no way to tell if the onunload is due to a site change or the movement from one page on your site to another. So here is my solution...
When the user logs on they are given a code that is derived from the time of login. Each pages checks that the decoded number results in a time of less than 8 hours from login. If it is greater than 8 they are just prompted to re-login. There will be a database entry for each time a page is loaded by the same user. This time is checked periodically, every 5 minutes should do. If they have not loaded a page in the last 5 minutes the session is removed. Now, each page that does not post anything will have a refresh set to 3 minutes so that people that have their browser set to the site in the background while they work on other programs etc. won't get kicked off. This has just been arrived at to solve the session destroy problem but it looks like it will work. I also don't know what this would do to a high volume site either but for me it should be workable. I hope this helps some. Larry S. Brown Dimension Networks, Inc. (727) 723-8388 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
