HI Chirs:
thanks for your reply and opinion, so you mean I can know the alive session by reading
/tmp ?
I think that's only problem I want to know cause I affraid that I can't hold the dead
or alive of session
OK, I'll try to trace session by reading /tmp directory
thanks a lot
-----Original Message-----
From: Chris Shiflett [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 23, 2003 2:54 AM
To: Henry; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: [PHP] How to implement this by php Session
--- Henry <[EMAIL PROTECTED]> wrote:
> what I want to do is make sure one account can login
> in at the same time
I understand now, with Jason's help.
> is there any mechanism in PHP can slove it?
Well, not exactly. You see, this is a rather strange
restriction (or seems strange to me at least).
There are two different data stores in a typical session
management environment:
1. Session data store. This is all of those /tmp/sess*
files if you are using the default setup.
2. User (or client) data store. This is where you would
keep persistent data, such as username and password.
You could store a login indicator in the user data store,
so that when a user logs in, you make sure this flag is not
set (else deny their login) and set it if it is not. This
would work for a lot of cases, but it has a few notable
problems:
1. It is not atomic. Under heavy load, you can experience
synchronization problems where multiple clients check the
flag, see that it is not set, and all try to set it. This
is a rather unlikely prolem, but it is something to
consider.
2. How do you know that someone is logged in? For example,
if I login to your site (and you set my login flag to 1),
how much inactivity will you tolerate before you consider
me no longer logged in? Do you consider me logged in as
long as I have a session record? What if I accidentally
close my browser and go back to your site (and am not
recognized due to my cookie being lost). Will you not allow
me to log back in to your site until my login flag times
out?
I think this seems like a bad idea, but you might try this
idea to see if it works well enough for you.
Good luck.
Chris
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
