I'm having a hard time explaining what I'm trying to do, which is why I'm
having a hard time finding anything online/in manuals...

My site serves a form for the user to fill in. User has been authenticated
with a login and we're using PHP 4 sessions. When using Internet Explorer,
the user can hit Ctrl-N and get a new window, but his session for that new
window is still valid. He could then load up a local page and submit it to
the target of my original form.

Is there some way of detecting that the submission came from a page that
hadn't been served up by my application, but was instead sent in from some
other "foreign" form?

Or maybe the question is - how can I kill off sessions if the user navigates
away from the page that I sent him originally?

Warrick Wilson

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to