In the login/logout system I use, I use a timestamp field in the user
accounts DB table, which is updated every request a logged-in user makes.
When they log out, it subtracts the session timeout value (usually 20 mins)
from the timestamp to enable re-login. Of course, the timestamp field is
used when logging in to prevent two people logging into the same account.
This all works pretty well, but a client is asking about having the session
expire when they close a browser. I've seen this covered before, but I've
always noticed people reporting problems with it. Does the whole <body
onunload="window.open('logout.cfm');"> solution work well? What are the
specific problems, if any?
I'm also wondering whether I should upgrade my 'system' to use client
variables stored in a DB. I gather this is a preferred technique and is more
scaleable. But would it solve any of the above problems? What are the pros
and cons of using client vars in a DB over using session vars? Or am I
comparing apples and oranges?
TIA,
- Gyrus
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- [EMAIL PROTECTED]
work: http://www.tengai.co.uk
play: http://www.norlonto.net
- PGP key available
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
______________________________________________________________________
This list and all House of Fusion resources hosted by CFHosting.com. The place for
dependable ColdFusion Hosting.
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
