I'd simply drop the idea of imposter lockout. It's first of all very fragile since it only kicks in if he and the valid user use the program at the same time (not that likely), and if they do, you have absolutely no idea which of the two sessions is the "real" one. So whomever you kick out, half of the time you're wrong and actually helping the "imposter".

Also, being connected is a red herring. First of all HTTP is stateless, so there is no such thing. And even if there was a real connection, it wouldn;'t mean much, since the user could just have kept the old browser connected even if he's not behind the computer.

So I'd simply assume that a new session means the user moved, and just invalidate the old session. If imposter avoidance is impotant, give the user a message that you did so, so that the user (who supposedly knows he used the program recently somewhere else or not) gets a chance to decide if there is an imposter or not. In the scenario you started with where the imposter is working at the same time, the session will probably move between the two parties several times, and each will be aware of the existance of the other.

In reply to Re: How should I handle Orphan Sessions? by thospel
in thread How should I handle Orphan Sessions? by soon_j

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.