Sessions & logged-in status in multiple windows - conflicting

bunner_bob

I'm working on a content management system with both admin areas and public areas that have their own logins. When the user logs into the admin, a session variable is set with their adminId ($SESSION['adminId'] = #). When a user logs into the public secure areas, a session variable with their userId is set ($SESSION['userId'] = #).

Sometimes I'm working in two windows, one logged into the admin and one logged into the public. In either case though, each window is aware of BOTH logged-in IDs, meaning I can't do anything based on WHICH id is current for the given window.

Is this standard behavior for sessions? What is the scope of a session, in terms of which browser windows or tabs it's available to? Is it per domain, or are all sessions available to all open windows?

mattm591

As far as I'm aware, if you set a session variable it is then avaliable to all tabs and windows you have open in a particular browser.

Your session variables wouldn't get passed between multiple domains though because the sessionid is stored in a cookie relevant to the domain your using.