I'm using a custom Authencation and session system, it works ok, but i have a problem I need help with
they way it works is you enter a username and password, if it matches a username in a table, it goes to the next check. the password gets entered into a table, with the mysql password() encrypted it, then that string is matched against a stored one, at the same time a session Id is made.
if you pass, the the check records are destroyed and the session id is saved to another table,
now a form is generated and shown.
only if the session id passed by ur browser matches the one in the table.
so here is the issue. If you hit submit, the session id is checked again, then the data is entered and the session id is destroyed.. but if you just close ur browser at the forum, the session id is still in the table, and never gets removed.
how do you check for the browser being closed.
Is that what register_shutdown_function does?
any ideas?
KoAps
they way it works is you enter a username and password, if it matches a username in a table, it goes to the next check. the password gets entered into a table, with the mysql password() encrypted it, then that string is matched against a stored one, at the same time a session Id is made.
if you pass, the the check records are destroyed and the session id is saved to another table,
now a form is generated and shown.
only if the session id passed by ur browser matches the one in the table.
so here is the issue. If you hit submit, the session id is checked again, then the data is entered and the session id is destroyed.. but if you just close ur browser at the forum, the session id is still in the table, and never gets removed.
how do you check for the browser being closed.
Is that what register_shutdown_function does?
any ideas?
KoAps