Jump to content

had an issue, sessions


Ninjakreborn

Recommended Posts

I just ran into a difficult problem, that might have destroyed the integrity of my entire site.  I have sessions set up for people to login with, it runs off sessions.
On the admin page I have the sessions running off there too, but unfortunately, it overwrites each other, when I am logged in on one browser, you see if I have a browser here and I login to my test account, then I login to her admin account.  When I log out of my user test account it kills the sessions in her admin account, is this just because I am using hte same browser or will it happen to her everytime anyone logs out, because i Have session_destroy();
set on a page, when they logout it kills the session, but I was thinking this will also cause problems now with other user's because if someone logs out then everyone in the world that is logged in get's there session killed, a lot of people will be pissed?
what is going on here?
Link to comment
Share on other sites

I don't understand how you can be logged into two differnet accounts simultaneously in one browser window?  If you login as test and then as admin, how can you then logout the test account?  Please provide more info on how your system is set up.
Link to comment
Share on other sites

If you are using the same browser in two seperate windows on the same PC on a site that uses sessions, then the same session is going to be served for both browser windows, as you are using the same client that used that the session was created on. If you used a completly different browser say IE and FF then PHP will give each browser a seperate session. This shouldnt affect other peoples sessions that are visiting the site from a different location.
Link to comment
Share on other sites

If you're using IE Beta 7 and/or Firefox.  The sessions will stay within the tabs.  Opening a new tab wont allow for a new session to be created.

But if you are using difference instances of the browser, they're supposed to start new sessions.

Its how I test, I have FireFox open with one account on a site, then have IE open the same site but use a different account.
Link to comment
Share on other sites

I can assure you that in FF, you can have any many tabs as you like and they all share the same sessions.  I know this because at work, our intranet has a website that requires login to accesd any page of it.  Once I log into the account from one tab, I can open up as many other tabs and go to any pages witout having to log in again.
Link to comment
Share on other sites

witht eh suggestion above i woudl think alerting thuser that they are already logged in is better for secruity reason because of
A. if they are logged in and someone is try to break in there accoutn they can do it easily without the real user know, all the real user will think is the the website is not working correctly because (s)he keep getting kicked off for no reason knwo to (s)he
and
B. if someone else is on the account and the real user is trying to log in (s)he can let the admin that someone has been in their account.  ofcourse this method is could just be the the session is not get killed right.
just my opinion.
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.