Is there a really good way to use PHP Session to tell whenether the user is authorized user or not? I see one problem here, let's say the user tried to access certain webpages that are unauthorized then I get to kick the user out. But when the user logged in, we assigned a session token to it, then the user become an authorized user. That's where I have a problem here. Suppose when the user closed the browser window without logging off or use the existing session id when firing up the browser or on the other browser. (Sort of like copy and paste the URL address from one browser to another). There, the user will still be an authorized user without logging in. This is something that don't need to happen.
So, any best idea, suggestion or thought on a workaround to it? Thanks, FletchSOD -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
