Just a question. Are you specifically using cookies or are you talking about session cookies? If you aren't using sessions themselves, I would suggest you move in that direction and only use cookies for keeping a user logged in.
Second thought for the cookies, you could make a tweak to your cookie value that contains some sort of flag and if a user doesn't have that flag, it will clear their cookie and redirect them to the login page. A second cookie could do the same thing. That way, only those with this flag or even a certain value in that flag will still work. Others will be logged out and this would "automagically" reset their cookies. On Wed, Jun 18, 2014 at 3:33 PM, Rawk <[email protected]> wrote: > I recently moved my application to a more powerful server. Since doing > that, about once a week or so, my users will report issues where they see > someone else's session. For example, they'll click a link that takes them > to page A, but instead are taken to page B from someone else session (noted > by the user's name displayed on the page). Or sometimes they'll see the > javascript objects of ajax requests displayed as text. I'm guessing it has > something to do with old cookies being on people's machines from before the > server migration. > > This happened last time I moved my application to a new server. After > many server restarts and begging my users to dump their cookies, the issue > finally went away permanently. > > The problem is that this time around I have triple the number of users, so > getting everyone to properly dump their cookies is becoming a futile task. > People are resistant to doing so because their browser loses all its > remembered logins and settings and such. > > Is my cookie assumption correct or are there other forces at work here? > If the issue is with old cookies, is there some way I can utilize the > server to force all old cookies to be removed? I've tried setting > extremely low session expiration, but that doesn't seem to be doing the > trick. > > -- > -- > online documentation: http://openbd.org/manual/ > http://groups.google.com/group/openbd?hl=en > > --- > You received this message because you are subscribed to the Google Groups > "Open BlueDragon" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- -- online documentation: http://openbd.org/manual/ http://groups.google.com/group/openbd?hl=en --- You received this message because you are subscribed to the Google Groups "Open BlueDragon" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
