sessions and persistence?

raj wrote:

Hi,

How are sites built so that once a website has been left (either by logging
out or by just moving out of the domain), that a login becomes necessary
again once the site is revisited (either by back button, history or
revisiting the site)?

Using javascript that kills the cookie, but that of course only works if the
user enables javascript, which nowadays don't include all the users.

--

//Aho

On Sat, 13 Jan 2007 23:07:00 +0100, raj <ra*@nospam.comwrote:

Hi,

How are sites built so that once a website has been left (either by
logging
out or by just moving out of the domain), that a login becomes necessary
again once the site is revisited (either by back button, history or
revisiting the site)?

Thank you in advance.

Kind regards,

Raj (Newbie)

Usually a log-in stays active as long as the browser remains open (for
security schemas that don't use cookies) or as long as the cookies aren't
thrown away / expired (for security schemas that do use cookies).

However, you can also use a session key in the querystring, with a
specific time stamp embedded in it. Each time the visitor changes page,
you update the session key with a more current time stamp. Then when the
visitor has been away for a few minutes, or enters the site from a
different place, the session will have expired.

--
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/

How are sites built so that once a website has been left (either by logging

out or by just moving out of the domain), that a login becomes necessary
again once the site is revisited (either by back button, history or
revisiting the site)?

For logging-out code, look up session_destroy() in the documentation. If
the user does not explicitly log out, I trust the normal session
handling of PHP to do the job. That may mean that the user can come back
during some time without logging on again. I don't mind.

Best regards