Hmmmm I had to handle this scenario re: someone coming back and accessing the site (intranet application) and "inheriting" the last user's privileges.
The way we ended up doing this is (assuming the user had left the site or closed the browser): check CGI.HTTP_REFERER. If the user is not navigating from within the application (or site), assume they logged out and reset their session accordingly, taking them back to the login screen. I think there was a nocache strategy in there somewhere also so [<= Back] didnt give away too much information. HTH Aaron ----- Original Message ----- From: "Carl Vanderpal" <[EMAIL PROTECTED]> To: "CFAussie Mailing List" <[EMAIL PROTECTED]> Sent: Monday, June 28, 2004 2:59 PM Subject: [cfaussie] RE: End Session > Hello CFAussie, > > Thanks.... > I will just make a few TWEAKS...and all should be sweet! > > > > :D > > > > Best regards, > Carl Vanderpal > Po Box 3462 Dural, NSW 2158 > mailto:[EMAIL PROTECTED] > > > --- > You are currently subscribed to cfaussie as: [EMAIL PROTECTED] > To unsubscribe send a blank email to [EMAIL PROTECTED] > Aussie Macromedia Developers: http://lists.daemon.com.au/ > --- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] Aussie Macromedia Developers: http://lists.daemon.com.au/
