Jump to content

Archived

This topic is now archived and is closed to further replies.

9911782

prevent multiple login in php

Recommended Posts

Hi All  ;)

Can somebody help me, I would like to get the script that will prevent multiple login in a system with 1 username and 1 password.

thank you
9911782

Share this post


Link to post
Share on other sites
Without knowing the kind of system you are using for authentication, it is impossible to recommend any scripts. Post a lot more detail about your current setup, and I am sure we will be able to help you.

Share this post


Link to post
Share on other sites
Its a system where users upload their workplan & budget documents to be seen by other co-users on the websites. Each user is responsible for uploading his workplan document file to the server, and can download it and update it as well. User can also send the remarks about his uploaded workplan. User can also able to edit/update his own workplan. Other user are not allowed to remark to other user's workplan, only the owner of the workplan can send the remarks about his workplan.

Now, I have noticed that people can use other user's login details while the original user is on line. I only need 1 login for 1 login details per user. I want to prevent multiple logins using the same login details. This will help me to keep track of who have done the updates on the specific page or website.

Can you help me now?

Share this post


Link to post
Share on other sites
Thanks for the extra information... I was, however, referring to the actual code/technologies used for the system.  :)

Some questions then for you...

[list]
[*]Do you have access to the source code?
[*]Are you using a database for the user management/authentication part?
[*]If you are using a database, do you have admin access to the database?
[/list]

If you answer YES to all those, then you would need to perform some alterations to the existing user management/authentication part, both in the PHP code and database table structure. You would have to code a mechanism that would switch a value on when the user is logged in, and switch it off when he logs out. You would also have to cater for users just closing the browser without logging off, as well as sessions expiring or timing out.

My first guess would be to add an ENUM field to the database table containing the users, assigning '0','1' as possible values. Then add in a check before the user logs on to retrieve that value. If the value equals '0' then log the user in and change it to '1'. Then if another user tries to login with the same username, the check will retrieve the value and will see that it is '1'. You can then disallow the login. When the original user logs off, set the value back to '0'.

Not too sure how you would cater for those other situations though.

HTH

Share this post


Link to post
Share on other sites
[quote author=gmwebs link=topic=112505.msg456777#msg456777 date=1161694800]
My first guess would be to add an ENUM field to the database table containing the users, assigning '0','1' as possible values. Then add in a check before the user logs on to retrieve that value. If the value equals '0' then log the user in and change it to '1'. Then if another user tries to login with the same username, the check will retrieve the value and will see that it is '1'. You can then disallow the login. When the original user logs off, set the value back to '0'.

Not too sure how you would cater for those other situations though.

HTH
[/quote]

I have a better idea. Each time when a user logs in, enter into the database (in the "log_code" column for an example) a random number, or the current timestamp. Store this value in a the session var $_SESSION['log_code']. Then on every page compare and see if the "log_code" value in the database has the same value as the session var has, if they dont match the user is kicked out. When someone logs in when the user is already logged in, the first logger will be kicked out because there's a new value for "log_code" in the database (it was changed when logger2 logged in) and it doesnt have the same value as the session var.

I hope you understand me :)

Orio.

Share this post


Link to post
Share on other sites
Hi All
thank you very much for helping me.

I will go and try and implement this examples to my system, then I will come back on you guys if there is something wrong.

Thank you for your help a lot.
:)

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.