I am making a php based application. When two users are logged in from same the browser in different tabs then they can access each other page. How to prevent this?
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I am making a php based application. When two users are logged in from same the browser in different tabs then they can access each other page. How to prevent this?
I see there 4 solutions:
You could just try to give that window (in this case tab) a name to detect a special window with JavaScript:
Use a session with a GET parameter and not with a cookie.
Use a random sub domain with normal cookies that operates on that subdomain.
Use a normal cookie which is restricted to a “virtual” directory which not really exists with the usage of mod_rewrite. Idea based on this comment.