if a user opens my website url (x.com)
how can I prevent him from opening the same url (x.com) in another tab/window? (another browser is ok)
my application is all ajax, so there are no different links, the content of the page just changes all the time, and I can't have the user do 1 thing in 1 tab and another thing in another under the same sassion.

Hmm, that's interesting :D
I'm sure there are better ways, but I would log the user's IP Address and browser agent on login either in a DB, a session variable or in a separate text file, and every time they try to perform an action, check to see if they are already logged on, and if so check that they are using a different browser. However, this is a PHP minded solution, and your page is all Ajax, so maybe a more suitable answer will be found in the ajax forum. Good luck!

I was thinking of something simpler like

    echo "can't open 2nd window";
    //load page

but my session doesn't get destroyed for some reason.. even if I logout (and run session_destroy()..)
when I reopen the browser the session still exists..

in php.ini everything seems to be correct

session.auto_start = 0

I even added this before my sesion_start()-


so I don't feel secure now using sessions for this check..

I think you should be using $_SESSION instead of $_COOKIES. There is slight difference between the two; cookies retain information until deleted whereas sessions retain information till browser is active. Try doing this if it fulfills all your requirements.

what can I use instead of the PHPSESSID? there's no such thing as $_SESSION["PHPSESSID"]