Jump to content

One user logged in at a time.

justinede

By justinede
in PHP Coding Help

Recommended Posts

JasonLewis Member

JasonLewis

Posted
Posted

Well you would have a field in your MySQL table or wherever called 'logged_in'. Set it to 1 when they login, then if someone tries logging in with there name check to see if logged_in is set to 1. When they log out, or timeout, set logged_in to 0.

justinede Member

justinede

Posted
  • Author
Posted

could you possibly write the code for me?

 

like the login action is checklogin.php

 

what goes in there? Right now there is where it checks to see if the user exists then directs them to a member's page.

 

then i would need the code to put in logout.php

Andy-H Advanced Member

Andy-H

Posted
Posted

Add this after you have checked the user + pass are correct.

 

<?php

$l_in = $row['logged_in'];

if ($l_in == 1){
echo "Someone is already logged into that account...";
}else{

$time = time() + 300; //// 5 mins...

mysql_query("UPDATE yourUsersTable SET logged_in = '1' , timeout = '$time' WHERE username = '$username' AND password = '$password' LIMIT 1")or die(mysql_error());

///// SET SESSIONS $_SESSION['username'] = $username; W/E

Header("Location: page.php");

}

?>

 

 

Then when they logout:

 

<?php
$time = time(); //// now...

mysql_query("UPDATE yourUsersTable SET logged_in = '0' , timeout = '$time' WHERE username = '$username' LIMIT 1")or die(mysql_error());

?>

 

And in your functions / include script...

 

<?php

$time = time();

$query = "SELECT id FROM yourUsersTable WHERE timeout <= '$time' AND logged_in = '1' ORDER BY id";
$result = mysql_query($query)or die(mysql_error());

while ($row = mysql_fetch_row($result)){

mysql_query("UPDATE yourUsersTable SET logged_in = '0' WHERE id = '$row[0]' LIMIT 1")or die(mysql_error());

}

?>

 

 

Hope it helps...

matmunn14 Newbie

matmunn14

Posted
Posted

Add this after you have checked the user + pass are correct.

 

<?php

$l_in = $row['logged_in'];

if ($l_in == 1){
echo "Someone is already logged into that account...";
}else{

$time = time() + 300; //// 5 mins...

mysql_query("UPDATE yourUsersTable SET logged_in = '1' , timeout = '$time' WHERE username = '$username' AND password = '$password' LIMIT 1")or die(mysql_error());

}

?>

 

 

Then when they logout:

 

<?php
$time = time(); //// now...

mysql_query("UPDATE yourUsersTable SET logged_in = '0' , timeout = '$time' WHERE username = '$username'  LIMIT 1")or die(mysql_error());

?>

 

And in your functions / include script...

 


$time = time();

$query = "SELECT id FROM yourUsersTable WHERE timeout <= '$time' AND logged_in = '1' ORDER BY id";
$result = mysql_query($query)or die(mysql_error());

while ($row = mysql_fetch_row($result)){

mysql_query("UPDATE yourUsersTable SET logged_in = '0' WHERE id = '$row[0]' LIMIT 1")or die(mysql_error());

}

 

 

Hope it helps...

 

@justinede: This is the way that ProjectFear meant and the way that I was explaining that checks for user timeout.

justinede Member

justinede

Posted
  • Author
Posted

ok where should i add that script?

 

<?php
$host="localhost"; // Host name
$username="*****"; // Mysql username
$password="*****"; // Mysql password
$db_name="ipod"; // Database name
$tbl_name="members"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' AND activated='1'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:index1.php");
}
else {
header("location:wrong.php");
//echo "Please check your username or password. If you still cant login your account has been disabled. Please contact an admin.";
}

?>

 

and what if i dont have a functions and include script? all i have is this script and a database with users in it. and a logout.php

Andy-H Advanced Member

Andy-H

Posted
Posted

ok where should i add that script?

 

<?php
$host="localhost"; // Host name
$username="*****"; // Mysql username
$password="*****"; // Mysql password
$db_name="ipod"; // Database name
$tbl_name="members"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

$time = time();

$query = "SELECT id FROM $tbl_name WHERE timeout <= '$time' AND logged_in = '1' ORDER BY id";
$result = mysql_query($query)or die(mysql_error());

while ($row = mysql_fetch_row($result)){

mysql_query("UPDATE $tbl_name SET logged_in = '0' WHERE id = '$row[0]' LIMIT 1")
or die("Error: ".mysql_error()."<br /><br />On line: ".__LINE__);
}

// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT logged_in , username , password FROM $tbl_name WHERE username='$myusername' and password='$mypassword' AND activated='1'";
$result=mysql_query($sql)
or die("Error: ".mysql_error()."<br /><br />On line: ".__LINE__);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){

$row = mysql_fetch_row($result);

$l_in = $row[0];

if ($l_in == 1){
echo "Someone is already logged into that account...";
}else{

$timenow = time() + 300; /// 5 mins

mysql_query("UPDATE $tbl_name SET logged_in = '1' , timeout = '$timenow' WHERE username='$row[1]' LIMIT 1")
or die("Error: ".mysql_error()."<br /><br />On line: ".__LINE__);

// Register $myusername, $mypassword and redirect to file "login_success.php"

$_SESSION['myusername'] = $row[1];
$_SESSION['mypassword'] = $row[2];
header("location:index1.php");
}}
else {
header("location:wrong.php");
//echo "Please check your username or password. If you still cant login your account has been disabled. Please contact an admin.";
}

?>

 

and what if i dont have a functions and include script? all i have is this script and a database with users in it. and a logout.php

Andy-H Advanced Member

Andy-H

Posted
Posted

Does index1.php happen to have the lines:

 

if ( (!session_is_registered("myusername")) || (!session_is_registered("mypassword")) ){

Header("Location: index.php");

}

 

If so change it to:

 

if ( (empty($_SESSION["myusername"])) || (empty($_SESSION["mypassword"])) ){

Header("Location: index.php");

}

 

Why do you have their password as a session variable anyway?

 

You also need to update the timeout as every page loads...

 

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.