Hi >> > socket open, then there are much smaller, simpler ways. >> >> Like what ? > > I meant as opposed to the session-handling method I sent in the > other thread. However, you may want to look into having JavaScript > handle the session-watching, and report to the server via AJAX calls > every 30 seconds or so. If JavaScript doesn't PING the server at > least once every thirty seconds, then you know either the user left > the page or closed the browser. If it does, on the other hand, then > the PHP side of the AJAX routine simply updates the > [database/file/session info] to show that the user is still active. Hum. Then we rely on JS to implement security with conections. And JS is anything but secure AFAIK. I want to prevent one from taking over a session from one who left the site and left his desk for a moment. What if that connection were two servers communicating together !? Any crooked mind could then steal the latent session and start fire in the system(s). -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
