If you don't want reuse sessions based on the value in the cookie, or you want to prevent people who are intentionally trying to log in with two sessions, kill any existing session that the person may have right before logging them in with their new session. Keep track of active sessions in the application structure. You should be able to find info on tracking sessions in the application scope. I believe Ray Camden has good info on his site about this.
Good luck, Mike Chabot On 6/21/07, Paul Henderson <[EMAIL PROTECTED]> wrote: > I know I can prevent any simultaneous logins by simply flagging the account > as "logged in" when a user logins. However, if the user closes the browser > or is disconnected without properly logging out, how would I go about > allowing them to log back in? Since as far as I know, the server and > database would therefore have no way of knowing the user disconnected and > would still see the user as logged in. I thought OnSessionEnd would do the > trick, but as was pointed out to me on this list OnSessionEnd only runs when > the session expires, not when the user disconnects. Any ideas are much > appreciated, thanks. > > > > > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Create Web Applications With ColdFusion MX7 & Flex 2. Build powerful, scalable RIAs. Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJS Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:281815 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
