I've made a site in PHP and on some pages a user needs to log in first before gaining access to the page. (i.e. there is a log in page).

Once the user has logged in I keep that fact in a session variable so that he doesn't need to log in again.

However I have found out that if:

1- the user logs in
2- bookmarks the page
3- closes the browser
4- opens the browser
5- goes to the saved bookmark page

He has access to the page. I.e. the session did not close/terminate when he closed his browser ...

In Netscape 7 I have checked the stored cookie and it is set to expire at the end of the session (which is the default I think), so I don't understand why the PHP thinks the session is still opened ...



PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to