Bill--
I think what we've done in the past is to kill any previous session from a
user's computer before allowing them to start a new one. That is, when a
user logs in from the same machine as another user, use a structDelete()
command and delete their cookie (or there are also some custom tags that'll
do this more gracefully) to get rid of all your session vars, then start a
new session and log the user in.
HTH,
David Huyck
[EMAIL PROTECTED]
> Please show me which application/session variables should be locked,
> exclusive vs. not, what scope, etc.? Also, I think the "session" concept
is
> confusing. Shouldn't each browser window on the same computer constitute
a
> new session? That is what I was thinking, but the facts in this case
don't
> support that.
------------------------------------------------------------------------------
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/fusebox or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
