Hi,
> Then when any new page loads it first checks to see if the user has a
> "CanEdit" value of "1", if not it boots them back to the page they came
> from, if so it runs a query to check their idle timestamp and subtract
> it from the current unixtimestamp to find the difference. If it's
> greater than X they are booted back to the login screen, if it's less
> than X the page is loaded.
>
> Anything look wrong or insecure with all of this?
This is how I'm doing it. We had it audited by a security company. It
passed with flying colors.
-Dan Joseph
--
PHP General Mailing List (http://www.php.net/)
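
The check described in the quoted message, written out in PHP as an added example; it is not code from either poster. The `IDLE_LIMIT` value, the `user_id` session key and the `$idleStore` array (standing in for the table that holds the idle timestamp) are assumptions.

```php
<?php
declare(strict_types=1);

// Added example. IDLE_LIMIT, the 'user_id' session key and $idleStore
// (a stand-in for the idle-timestamp table) are assumptions.
const IDLE_LIMIT = 900; // "X" in seconds; constructed value

/**
 * Returns 'allow', 'back' (no edit right) or 'login' (idle too long).
 * Fails closed: a missing or malformed value never results in 'allow'.
 */
function checkAccess(array $session, array &$idleStore, int $now, int $limit = IDLE_LIMIT): string
{
    // Step 1: the CanEdit flag must be exactly "1" (strict comparison, no type juggling).
    if (($session['CanEdit'] ?? null) !== '1') {
        return 'back';
    }
    // Step 2: look up the idle timestamp kept server-side for this user.
    $userId = $session['user_id'] ?? null;
    $last = (is_int($userId) || is_string($userId)) ? ($idleStore[$userId] ?? null) : null;
    if (!is_int($last) || $last > $now) {
        return 'login'; // no record, or a timestamp in the future
    }
    // Step 3: compare the difference with X.
    if ($now - $last > $limit) {
        unset($idleStore[$userId]); // expired: drop the record so it cannot be reused
        return 'login';
    }
    // Still active: refresh the timestamp so the idle window slides.
    $idleStore[$userId] = $now;
    return 'allow';
}

// Constructed sample data: one recent and one stale idle timestamp.
$now = 1700000000;
$idleStore = [1 => $now - 60, 2 => $now - 3600];
$cases = [
    'active editor'  => ['user_id' => 1, 'CanEdit' => '1'],
    'idle editor'    => ['user_id' => 2, 'CanEdit' => '1'],
    'no edit right'  => ['user_id' => 1, 'CanEdit' => '0'],
    'no idle record' => ['user_id' => 3, 'CanEdit' => '1'],
];
foreach ($cases as $label => $session) {
    printf("%-15s %s\n", $label, checkAccess($session, $idleStore, $now));
}
```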