I have a problem with login system. I have two users, userA and userB in the same computer. userA enters to his account in one browser; userB gets access to his account in the same browser. My system thinks that now userB is also userA and userA is still connected to its own account but his name appears as userB. If these two users get access into different browsers, there is NO problem.
Do you have any idea how would i fix this so that users are restricted to only having one account the logged in to from one browser window? thanks
Welcome.php
<?
session_start();
session_id();
if (empty($_SESSION['username'])){
header("location:login.php");
exit;
}
?>
login.php
<?
include('config.php');
session_start();
if(isset($_GET['reg'])){
$reg=$_GET['reg'];
}else{
$reg="";
}
if($reg==1){
$msg1="<font color=\"#009900\"><b>Your account has been created, please login</b></font>";
}elseif($reg==2){
$msg1="<font color=\"#009900\"><b>You have been successfully logged out.</b></font>";
}
if(isset($_POST['submit'])){
if( empty($_POST['uname']) && (empty($_POST['upass']))){
header( "Location:Messages.php?msg=1" );
exit();
}
//transfer to shorter var
$n=mysql_real_escape_string($_POST['uname']);
$p=mysql_real_escape_string($_POST['upass']);
//put in session vars
$mytime=time();
$mytime=date("H:i:s A",$mytime);
$_SESSION['time'] = $mytime;
$_SESSION['status'] = 'logged';
$_SESSION['username'] = $n;
//goto next page
header("location:welcome.php");
exit;
}else{
$_SESSION['status'] = 'not logged';
header( "Location:Messages.php?msg=2" );
exit();
}
}
?>
