How to block parallel login?

[Anisuzzaman]

 

How to block parallel login?

-----------------------------------

How can I block multiple login attempts in to a single account, when that user have already logged in?

 

Like... Yahoo/Hotmail email accounts...

 

1. When I logged in, using <username: russell> & <password: 123> from <my pc: xunit>

 

2. Until I logout or close my browser, the system should not allow me to login again from <my pc: xunit> or from any other pc, using same <username> and <password>.

 

How can I solve my problem? Please help…

[sspoke]

ok u just need to make a flag

 

when you login 

 

loggedinflag  set to 1

 

if someone trys to login it would check in sql.. if user/password match and loggedinflag <> 1

when you logout it would set flag to 0 or something

 

close browser part is hard to do but you can set a timeout record a timestamp of last login in sql too

[JasonLewis]

using ajax might work with the browser closing.

[corbin]

You could log the session ID of the logged in person, and when someone else logs in update the session ID so it logs the other person out... Just an idea...

[superuser2]

I would suggest corbin's. However, I would not suggest using flags because people don't always have javascript and people don't always log out. I would suggest logging a 'last activity' time and if the user has had activity in the last 5 minutes don't let them login. When they logout clear out the last activity time.