Re: [Phplib-users] session4_custom.inc

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Thus spake Layne Weathers on Fri, Apr 11, 2003 at 10:48:09AM CDT
> Dennis Gearon wrote:
> >And how do people prevent a new browser window by the same user, in 
> >the same session, from having the exact same screen as the other ones 
> >that are open, (going to the same application at the same website, of 
> >course:-) )?
> 
> You can't prevent that.

Yes you can.  Once the session has been established, the server identifies
the browser instance with every page request and can, for instance, decide
to serve a different page each time the same browser submits the same URL. 
This assumes that URL requests a dynamic page, which is why we're trying to
identify sessions in the first place.

> You must make sure that any information stored in session will not cause
> unexpected results if the user is using the same page for different tasks.
> For instance, in one of my first session-based sites, I stored the record
> currently being edited in session data - when a user tried to edit two
> records side by side he could easily overwrite one record with another
> record's data.

I use <input type=hidden ...> to identify records, and each record display
has it's own "edit" button in the generated page, so there's no confusion on
the server side about what's intended.

-- 
Lindsay Haisley       | "Everything works    |     PGP public key
FMP Computer Services |       if you let it" |      available at
512-259-1190          |    (The Roadie)      | <http://www.fmp.com/pubkeys>
http://www.fmp.com    |                      |