Posted by Gordon Burditt on 12/27/06 23:33

>> How would you define a user that is logged in? (Please take into
>> consideration that http is stateless when you come up with a definition)
>
>When a user enters a correct username and password then a session is
>created for them. During the lifetime of that session I'm calling that
>'logged in'.

Now, when is a session DELETED? Hint: users don't use logout
buttons, except maybe by accident. They click on an ad and never
come back, their browser crashes, they just leave for a 3-week
vacation, etc.

>> And how would that global session be shared over all servers that host
>> your webapplication?
>
>The app is only on one server. I realise that if it were distributed
>then using the db for this is best. Can I assume your question is
>partly rhetorical? I'm just trying to find out a good way to do it.

You can use a session save handler which puts the session data in
a database. That way it's shared across all servers.

• Next in forum: Re: strange POST vs GET behaviour
• Prev in forum: newbie with multiple images upload question
• Thread view: Re: number of logins

[Reply to this message]