On Tuesday, October 7, 2003, at 02:11 PM, Scott Cadillac wrote:
In theory you should be able to "reset" the memory space for the User
Variables with the new key value - but my guess is just that nobody has
taken it this far before, so the Server design might not accommodate it.
Just a guess of course...
this is lower level than I can comprehend. Memory spaces and all.
If someone comes in and joins a session, I want to bounce him out. Maybe not kill the session, because it might belong to a real person.
By checking my local session cookie, I can tell if the person logged on properly or just came running into a page or function without passing 'go'.
If I see someone hasn't logged on, I can trap him into a logon sequence easily, BUT, he's still joined the session he barged in on. I can't push him out of it. If I can't push the interloper out of a session, then I want to kill the whole session. When the subject matter is money, identity, or personal information, privacy & security are paramount. I'm just trying to eliminate open doors.
(I'd think this would be of general concern - how to bullet proof your sessions)
________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
