Justin French wrote:
I know that for IE Mac users (not sure about NN7) it's not until you QUIT
the application that the session is "terminated"...

I *think* you'll find something similar in Windows... perhaps when ALL open
browser windows are closed and/or the browser app is QUIT, the session will
I exited all apps and restarted the browser. Didn't help. I also copy-pasted the URL ( from my Netscape 7 browser into an IE browser and the sessions was still valid ...

Is it because I am putting the SID in the URL? I haven't tested with cookies yet as I want to get my site working without cookies first.

Adding a logout feature will help people who are worried about security,
because it can kill the cookies on the browser.
I agree! The problem I have now is that a user can bookmark a page with the SID in the URL and then come back later and the session is still active ... the session should close when the browser is closed.

I have set session.auto_start = 1 so I would think that after closing the browser and going to the bookmarked paged a new session would be started, killing the SID passed in from the URL no?



PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to