using same session from different location

ahchew1413

Assume i have 2 pc in different location. When the user using pc1 to access my page, this page would have some session variables. Assume the pc1 'hang' suddenly, the user go to pc2 and access the page again to finish his work and those session variables should still with him even his using diffent pc.

i try to use the username as session name, then i store the name of session into database, after that, if user log in with other pc, the page load back those session variables which store in server using the session name...

my question is...can this idea work? will it cause any security or other problem??

mattuu

You'd need to keep all the session variables in the database and updated. When the user moves to pc2, he'll have no idea what his previous session was. Even if you could find out what the user's previous sessionid was, you can't get at the data. However, you can easily store all the data in a database.

Use session_encode() -- it returns a single string with all session data in it. Then jam that into a database field associated with the user. If they move and log in, you can retrieve that string from the db and run it through session_decode() to restore their session.

Be sure to to the session_encode()/db update at the END of each page, not the top, since you want to capture any changes that occur while a given page is processed.