"Gaylen Fraley" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I am experiencing a problem of trying to run several variants of the same > code and keep the sessions separate. Here is the scenario. > > I am launching all of this from a CMS. So, the CMS displays a page that has > 3 links on it. Link 1 is version A of an application, Link 2 version B, > etc. The three links are all the same application but different builds, in > essence. They all have the same session control code. They each launch a > new window, but the session variables are staying in the pool for each link, > which is not acceptable. When I call Link1 and then I call Link2, they need > to have an independent pool (session). I have tried to unregister, > destroy, unset, to no avail. > > Is there a way, or am I out of luck? Hard coding is not an option, as the > code has to be standard across all platforms and releases.
Sounds similar to a problem I had. I had a production site, and then in a sub-directory below it, a testing/development site. The code was essentially the same. The problem was that a user could log in as an administrative user in the testing system, then change their URL to the production site, and keep their session from the testing site! Obviously not acceptable. (grin) My solution was to include a ChangedSite function that gets called on every page access. When a user loggs in, the base address of the site is stored in their session variable. If they go to a different page, then the ChangedSite function will detect it because the base sites are different. The session is destroyed, and a security warning is thrown up. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]