session.user and database.user should be the same thing, meaning if the user "edits their data", they edit the session object which at the same time is comit back to the db. So yes I would do it at the same time. You might want to commit and then "refresh" the session object (fetch back from the db) if you are worried about inconsistancies.
For the second issue, you could either ignore it (if you have two sessions, one will become "old" and the user would have to re-authenticate to get the updated data. If you *must* tackle this issue, then you'll need to track all your sessions (key them by userid) and then when an update occurs refresh all known sessions of that user. This is a perfect example of why it's a good idea to abstract session management (versus referencing session.* everywhere): you should be able to bolt on session tracking without touching any code other than your session management service/facade/whatever you want to call it (I like "UsageSessionService"). HTH Dave Ross http://www.coldspringframework.org
[EMAIL PROTECTED] 06/25/06 7:27 AM >>>
Hi Everyone. ---------------------------------------------------------- You are subscribed to cfcdev. To unsubscribe, send an email to [email protected] with the words 'unsubscribe cfcdev' as the subject of the email. CFCDev is run by CFCZone (www.cfczone.org) and supported by CFXHosting (www.cfxhosting.com). An archive of the CFCDev list is available at www.mail-archive.com/[email protected]
