Hi, > Then when any new page loads it first checks to see if the user has a > "CanEdit" value of "1", if not it boots them back to the page they came > from, if so it runs a query to check their idle timestamp and subtrack > it from the current unixtimestamp to find the difference. If it's > greater than X they are booted back to the login screen, if it's less > than X the page is loaded.. > > Anything look wrong or insecure with all of this?
This is how I'm doing it. We had it auditted by a security company. It passed with flying colors. -Dan Joseph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php