OK thank you, that makes sense.
Should I wrap anything around the sessions vars when doing a WHERE lookup? Like mysql_real_escape_string ? Or
I guess my question is, if the user logs in and the database flag is set to 1, then when the user is not logged in the flag needs to be set to 0.
0 = not logged in
1 = logged in
I could set the flag to 0 when the user logs out of the website, but how do I handle the case where the session expires and the user has to re-login?
Because if the session expires before the user actually logs out, then the database flag would still be set to 1, so how do I get it to revert back to 0 if the session expires, or the user simply closes the browser before logging out?
Thank you