Jump to content

prevent multiple login in php


9911782

Recommended Posts

Its a system where users upload their workplan & budget documents to be seen by other co-users on the websites. Each user is responsible for uploading his workplan document file to the server, and can download it and update it as well. User can also send the remarks about his uploaded workplan. User can also able to edit/update his own workplan. Other user are not allowed to remark to other user's workplan, only the owner of the workplan can send the remarks about his workplan.

Now, I have noticed that people can use other user's login details while the original user is on line. I only need 1 login for 1 login details per user. I want to prevent multiple logins using the same login details. This will help me to keep track of who have done the updates on the specific page or website.

Can you help me now?
Link to comment
Share on other sites

Thanks for the extra information... I was, however, referring to the actual code/technologies used for the system.  :)

Some questions then for you...

[list]
[*]Do you have access to the source code?
[*]Are you using a database for the user management/authentication part?
[*]If you are using a database, do you have admin access to the database?
[/list]

If you answer YES to all those, then you would need to perform some alterations to the existing user management/authentication part, both in the PHP code and database table structure. You would have to code a mechanism that would switch a value on when the user is logged in, and switch it off when he logs out. You would also have to cater for users just closing the browser without logging off, as well as sessions expiring or timing out.

My first guess would be to add an ENUM field to the database table containing the users, assigning '0','1' as possible values. Then add in a check before the user logs on to retrieve that value. If the value equals '0' then log the user in and change it to '1'. Then if another user tries to login with the same username, the check will retrieve the value and will see that it is '1'. You can then disallow the login. When the original user logs off, set the value back to '0'.

Not too sure how you would cater for those other situations though.

HTH
Link to comment
Share on other sites

[quote author=gmwebs link=topic=112505.msg456777#msg456777 date=1161694800]
My first guess would be to add an ENUM field to the database table containing the users, assigning '0','1' as possible values. Then add in a check before the user logs on to retrieve that value. If the value equals '0' then log the user in and change it to '1'. Then if another user tries to login with the same username, the check will retrieve the value and will see that it is '1'. You can then disallow the login. When the original user logs off, set the value back to '0'.

Not too sure how you would cater for those other situations though.

HTH
[/quote]

I have a better idea. Each time when a user logs in, enter into the database (in the "log_code" column for an example) a random number, or the current timestamp. Store this value in a the session var $_SESSION['log_code']. Then on every page compare and see if the "log_code" value in the database has the same value as the session var has, if they dont match the user is kicked out. When someone logs in when the user is already logged in, the first logger will be kicked out because there's a new value for "log_code" in the database (it was changed when logger2 logged in) and it doesnt have the same value as the session var.

I hope you understand me :)

Orio.
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.