[thelist] update/correction to FW: preventing multiple web connections to a db app

Maximillian Schwanekamp anaxamaxan at neptunewebworks.com
Fri May 21 13:56:33 CDT 2004

I'm looking for a way, then, to force users to login in fresh
> when they want a second window to the app. I can provide more
> details if it'd help; I'm over my head here, and just trying
> to facilitate a solution to something I don't fully grok.
The problem is when the *browser* session ID is copied, not the database
session ID. Essentially, we're looking for a conditional way to disable
the 'File | New' option.

Dunno anything about DB2, but it sounds like maybe more judicious use of
table locks is what's really needed.  That said, perhaps you can do
something like: At login, set some randomized code in 2 identical session
variables;  Populate all links/form actions with that session var (so that
any get/post request will include the random code), then empty one of the
session vars after the script HTML output is done. On the next page, capture
the code in Get/Post Request and compare it with the first session var.  If
they're identical, proceed with the script (and prob re-populate the 2
session vars with new random strings before creating more HTML output).  If
the user tries File>New, one of the two session vars would be empty, and you
would then end their session and force relogin.  Hope that wasn't too
muddled to catch what I'm driving at...

Maximillian Von Schwanekamp
Dynamic Websites and E-Commerce
voice: 541-302-1438
fax: 208-730-6504

More information about the thelist mailing list