Jump to content
We want to feature your community! ×


Can the one session per member ID contraint be examined?

G17 Media

Recommended Posts

I ran into a problem recently that took me some time to figure out.

Basically, we show a CAPTCHA to users to protect against automated downloads.
Recently, we added a system where they only have to do this every 30 minutes (and we set a $_SESSION['download_captcha_last_completed'] variable).

This didn't seem to work for me randomly, and upon long investigation, I realized I had my PC was also on the website. I suspect what was happening is that my PC was making requests for notifications, which would cause my laptop's session to be wiped out. It isn't noticeable to users (I guess they get logged in via pass hash or something else?) but the $_SESSION array seems to get completely wiped out, which means my system is unworkable for users which are logged in via multiple devices (or their phone or another device is checking for notifications). When I closed my PC browser my system worked as designed.

It looks like this is related:

Is it possible you can allow multiple sessions per member ID - or - as a compromise, perhaps save the $_SESSION array?

Edited by G17 Media
Link to comment
Share on other sites


  • Create New...

Important Information

We use technologies, such as cookies, to customise content and advertising, to provide social media features and to analyse traffic to the site. We also share information about your use of our site with our trusted social media, advertising and analytics partners. See more about cookies and our Privacy Policy