[manilodisan]

I want to allow admins to kill user sessions. I have a page where I display the online users so I need to implement something that allows them to kill a user's session. I keep the session data in the database currently and I tried with

Yii::app()->session->destroySession ( $_GET [ 'id' ] );

where $_GET [ 'id' ] is the session id but that doesn't do anything since the session data is recreated in the db. How do I logout a user knowing his session id?

[Ismael]

This is a PHP issue i think.

Each user logged receive their own $_SESSION variable. None can access it.

But, if the $_SESSION back-end is controlled in data base you'll be able to access it.

[manilodisan]

Ismael, on 11 October 2009 - 07:55 AM, said:

This is a PHP issue i think.

Each user logged receive their own $_SESSION variable. None can access it.

But, if the $_SESSION back-end is controlled in data base you'll be able to access it.

Highly irrelevant. I'm not here to learn about sessions. Let's stick do CDbHttpSession and it's functionality.

[Ismael]

manilodisan, on 11 October 2009 - 11:02 AM, said:

Highly irrelevant. I'm not here to learn about sessions. Let's stick do CDbHttpSession and it's functionality.

You can't kill another user session because you can't access it. Only access yours.

Too achieve this with CDbHttpSession you should put some flag to check.

$user->amIKilled = true;