On Wed, Aug 17, 2005 at 06:48:39AM -0600, Barry Moore wrote:
> user has to re-login. If the browser stays open, but is inactive for 15
> minutes then the session flag expires, and the user has to re-login. Am
> I on track here, or are there easier ways to do this?
Well, you could have your login process check to see if a session for
that user already exists, and if so, assign them the same sessionid,
thus restoring the old session that they had lost the cookie for. That
makes the login a bit more complicated, but means there is only one
cookie.
A second method is to have a session that stores nothing but thier
username. Have a second session-like storage system that records
everything by their username. So their browser will get pseudorandom
session cookies whenever they login, but all your apps will look up the
data associated with the username that is stored in that psuedorandom
session.
Both methods assume that you have users logging in by username.
--
SwiftOne / Brett Sanger
suppressed
---------------------------------------------------------------------
Web Archive: http://www.mail-archive.com/suppressed/
http://marc.theaimsgroup.com/?l=cgiapp&r=1&w=2
To unsubscribe, e-mail: suppressed
For additional commands, e-mail: suppressed
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.