Also remember to keep in mind, some user's browser had the cookie disabled.
Once that happen then it wouldn't work.

"John W. Holmes" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Scott Fletcher wrote:
> > Um, you would be able to jump out of the admin area (logged in area) to
> > public/free area and back to the admin area (logged in area) only if
either
> > one of these two, not necessnary both is maintained on every webpage of
that
> > website, 1) session_start() or 2) session_id via links/form.  But if the
> > person go to a website like Google or something and back then no, it
would
> > not be possible unless there is a known way for the web browser to hold
the
> > token like cookie for example.
>
> By default the session id (token) _is_ maintained in a cookie, so it
> wouldn't matter where you go, the cookie would still be present. That
> means your user can go back and forth between areas without any problem.
> You only need the session_start() in the "admin" areas to start and
> retrieve the existing session. The cookie will be maintained whether
> session_start() is encountered or not so long as the browser window
> stays open.
>
> -- 
> ---John Holmes...
>
> Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
>
> php|architect: The Magazine for PHP Professionals – www.phparch.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to