CPT John W. Holmes <mailto:[EMAIL PROTECTED]> on Monday, July 21, 2003 1:05 PM said:
> Then something is wrong in your code. If you properly clear the > session of all of it's contents, then even if I pass the same session > id on the next page request, it should see me as a new user since > there is no data in the session. Ok, then maybe I'm misunderstanding how sessions work and/or how they are supposed to be used. What is the point of having a unique ID for each session if the only thing that matters is the data stored within it? Why have a session id at all if it can't be used to uniquely track a user? Just for the sake of example, let's say I write the session id to a database each time someone hits the login page and successfully authenticates. If the session id doesn't change between each user (using the same computer, let's say in a public school library) then it would appear that I've got much less use than I realy do. Granted someone wouldn't really do it this way but I'm just trying to make a point. Chris. p.s. I'm new to this list as you may have noticed and so far this is the only list that I've been on that doesn't use the list's address as the return address. Do I have to manually put it in the To box each time? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
