Jump to content

Archived

This topic is now archived and is closed to further replies.

Kano

Prevent sharing of accounts

Recommended Posts

Hi all,
I have a general question that has been bugging me for a while.
I am wondering whether it is possible in php that a script can prevent members from sharing accounts. I am thinking that we could prevent people logging in to a system under a username when that username is already logged in to the system but are there any otherways?

I am not after any code as such, just some general advice and opinions on how to go about this task.

Thanks for any advice

Share this post


Link to post
Share on other sites
You can do this simular to building a WHO IS online script

at the top of every page, have some code, if the user is logged in, Update the DB with the date/time stamp

If they log out, delete this stamp
BUT, what if they dont log out

If you update the DB every page load, then if they have not loaded a page for more than 10 mins, assume they have gone.
Therefore, when it comes to logging in
Check if the IP add is the same (Just in case they closed there browser by accident or something)
If the IP is different, check if the Last Action was more than 10 mins, if it wasn't Come up with a message saying that they are logged in.

Alternative

Store the users IP in the DB when they log in
Then on every page load
check that the users IP is the same as the one in the DB
if not, then log out

So if someone logs in from somewhere else, under that account, His IP would be in the DB, therefore the IP of the first person does not match

Share this post


Link to post
Share on other sites
Thanks onlyican,
That is what i needed to know, this would then prevent the problem of only allowing loggin from one ip address per user (which is not helpful) and also prevent users from passing their details because of the situation where they cannot get into the system whilst someone is using their account. One problem is if someone aquired someone elses account details but then this can be overcome be using an admin contact link if there are problems with the account, i would assume.

thanks for your help

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.