[nycphp-talk] $_SESSION, Logout, and Shared Host
Christopher R. Merlo
cmerlo at ncc.edu
Wed Nov 4 18:54:11 EST 2009
Hi. I recently migrated my web app from my personal server to a (*way* more
powerful) shared server, where one of my colleagues also hosts his app.
Both were written in PHP. Due to neither one of us having run into this
before, if you are logged in to both apps at the same time from the same
browser (which happens; we share more than a few students in common), and
log out of one, you get logged out of the other. In my code, the logout
routine is as follows:
foreach( $_SESSION as $key=>$value ) {
unset( $_SESSION[ $key ] );
}
And his code is essentially the same (I think he might use a
session_destroy() or something).
I know that if I add a layer to $_SESSION, like creating $_SESSION[ 'my_app'
][ keys... ], and then only unset those upon logout, I will prevent my
students from logging out of any app other than my own. But that's a lot of
code to change (not the logout code, that's easy; but all the places I check
to see if someone's logged in) and besides, I imagine there has to be a
better way.
Please pretend that using a different physical or virtual server is not
possible, because it's essentially not (yay county budget!), so: what's the
PHP way to solve this problem? Is there some way we can namespace-ize our
$_SESSION variables or something?
Thanks,
-Chris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20091104/ecd9a8bb/attachment.html>
More information about the talk
mailing list