-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Philip Thompson wrote:
> Is there a way to have multiple sessions open in one browser
> (specifically, Firefox or Safari)? For example, IE does not transfer
> session data from one window to another, however, Firefox does. So, if
Not strictly true. It's actually based on instances. Firefox differs
from IE because if you start a new Firefox instance it joins the
existing instance if it exists. IE does not do this. To get the 'shared'
session in IE open a new window from the existing window instead of
starting a new copy of IE.
> one user opens a session and then his/her friend wants to open a
> different session of that same program on the same computer, (s)he is
> not able to without overwriting the first session data.
>
> I have thought of one solution, but have yet to test it. Upon the first
> user logging in, I could assign them as session ID (along with the one
> that PHP creates). I could then verify that ID is being used on each
> page. For the second user, I could create a different one and do the
> same as the first. ????
>
> <? // User 1
> $_SESSION["my_special_id"] = abcd; // created upon logging in
>
> if ($_SESSION["is_logged_in"] &&
> $_SESSION["my_special_id"] == $_GET["my_special_id"]) {
> // do stuff
> }
> ?>
>
> <? // User 2 in a different window of Firefox
> $_SESSION["my_special_id"] = efgh; // created upon logging in
>
> if ($_SESSION["is_logged_in"] &&
> $_SESSION["my_special_id"] == $_GET["my_special_id"]) {
> // do stuff
> }
> ?>
>
> Notice that they both share the same "is_logged_in" variable, but a
> different "my_special_id" variable. Actually, I just noticed something.
> If User 1 logs out and kills "is_logged_in", that would also kill it for
> User 2.
I'm confused as to why you need a solution to this 'problem'. How likely
is it that you'll have 2 users trying to access your site on the same
machine at the same time? If it is likely (although I don't see how)
then you need to design your session data as an array keyed on the
username, but that would be very insecure.
In short are you trying to solve a perceived problem when no such
problem actually exists? Think about it for a while before jumping to
working around it.
- -Stut
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFEtT0dP9na3/DT5jQRAmUmAJ0XzG3ukmU4q6e7f6S1OrTtZ65M9QCfRbuj
NSa/LAreelZGRLGysXGFMsU=
=pzC4
-----END PGP SIGNATURE-----
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
