Scott Fletcher wrote:
Um, you would be able to jump out of the admin area (logged in area) to
public/free area and back to the admin area (logged in area) only if either
one of these two, not necessarily both, is maintained on every webpage of that
website, 1) session_start() or 2) session_id via links/form.  But if the
person goes to a website like Google or something and back then no, it would
not be possible unless there is a known way for the web browser to hold the
token like cookie for example.

By default the session id (token) _is_ maintained in a cookie, so it wouldn't matter where you go, the cookie would still be present. That means your user can go back and forth between areas without any problem. You only need the session_start() in the "admin" areas to start and retrieve the existing session. The cookie will be maintained whether session_start() is encountered or not so long as the browser window stays open.


--
---John Holmes...

Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/

php|architect: The Magazine for PHP Professionals – www.phparch.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
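
The behaviour described in the reply above, as an added example that is not part of the original thread: a single-file demo in which the public page never calls session_start(), yet the admin page still finds the session afterwards. The paths, the `is_admin` key, PHP 7.3+ (array form of session_set_cookie_params) and the cookie flags and session_regenerate_id() hardening are assumptions of this example and go beyond what the thread discusses.

```php
<?php
// demo.php - added example; run with: php -S 127.0.0.1:8000 demo.php
// Paths (/public, /login, /admin) and the 'is_admin' key are made up for this demo.
$path = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);

function open_session(): void {
    // Session cookie (lifetime 0): the browser keeps it until it is closed.
    session_set_cookie_params([
        'lifetime' => 0,
        'path'     => '/',
        'httponly' => true,    // not readable from JavaScript
        'samesite' => 'Lax',
        // 'secure' => true,   // enable when the site is served over HTTPS
    ]);
    session_start();
}

header('Content-Type: text/plain');

switch ($path) {
    case '/public':
        // No session_start() here. The browser still sends the cookie;
        // PHP just does not load the session data for this request.
        $name = session_name();   // "PHPSESSID" by default
        echo isset($_COOKIE[$name])
            ? "public page: session cookie present, session not opened\n"
            : "public page: no session cookie yet\n";
        break;
    case '/login':
        open_session();
        session_regenerate_id(true);   // new id at the privilege change
        $_SESSION['is_admin'] = true;  // stand-in for a real credential check
        echo "logged in\n";
        break;
    case '/admin':
        open_session();
        if (empty($_SESSION['is_admin'])) {
            http_response_code(403);
            echo "admin page: not logged in\n";
        } else {
            echo "admin page: welcome back\n";
        }
        break;
    default:
        http_response_code(404);
        echo "not found\n";
}
```

Requesting /login, then /public, then /admin with the same cookie jar (for example `curl -c jar -b jar`) shows /admin still recognising the session after the detour through /public.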


