Hi,
how about setting a expiry time for the cookie. Like
45 min after logging in or whatever suits your needs.
You could use session_set_cookie_params() and set
the cookie lifetime to 0. That would at least prevent a login after
the browser window is closed.
Your site is nice by the way.
cheers
Johannes
--
Gr��e aus dem sch�nen T�bingen
Johannes Janson ;)
"Jens Kisters" <[EMAIL PROTECTED]> schrieb im Newsbeitrag
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Why destroying it "before" a user logs in? Isn't it
In case the user did not log out properly, his session would still be marked
as valid & logged in
> better to start the session "after" a successful login?
starting works fine, restarting is the problem
> And then destroying the session when the user logs out.
You can't count on an explicit logout,
never rely on the users, they just don't act like you want them to ;)
cu
Jens
--
Gr��e aus dem sch�nen Kleve
Jens Kisters
rosomm et partner
Agentur f�r neue Medien GmbH
Dienstleistungszentrum am
Wei�en Tor - Eingang B
Gocher Landstrasse 2
47551 Kleve / Bedburg-Hau
Telefon: 02821 - 97856-20
Telefax: 02821 - 97856-77
[EMAIL PROTECTED]
http://www.rosomm-partner.de
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
