[eluser]ladooboy[/eluser]
Currently when you're logged in with IE and open the membership URL in Firefox it lets you access it because it thinks you're logged in(Even through I've got match_user_agent=TRUE).
So in the validate_session I will compare the session_id,email_address and user_agent from the DB with the session data.
IF any of it is different it redirects the user to login again.