nazmy Posted January 30, 2008 Share Posted January 30, 2008 I am using session to create a login script and it works great... But the only problem is, it does not prevent double login with the same username... How to to solve this problem????? Quote Link to comment Share on other sites More sharing options...
trq Posted January 30, 2008 Share Posted January 30, 2008 Check for the existence of the $_SESSION array prior to log in. eg; <?php session_start(); if (!isset($_SESSION['username'])) { // do login. } else { // user already logged in. } ?> Quote Link to comment Share on other sites More sharing options...
cooldude832 Posted January 30, 2008 Share Posted January 30, 2008 only issue there thorpe is that it handles on a single computer For preventing multi computer logins, make a mysql table that stores SESSIONID UserID TimeStamp Every time they move pages if that UsreID is already assigned to another SessionID (no their own) log them out of their current login. Then delete all Data in this table over X minuites old so you don't have to worry about users who forget to logout. Also delete relative session data on a logout in this table. Its basicalyl a How many users online script altered. Quote Link to comment Share on other sites More sharing options...
nazmy Posted January 30, 2008 Author Share Posted January 30, 2008 <?php session_start(); include('db.php'); if(isset($_POST['submit'])) : $username = strip_tags($_POST['username']); $password = sha1(strip_tags($_POST['password'])); $query = sprintf("SELECT ID FROM members WHERE username = '%s' AND user_password = '%s' LIMIT 1;", mysql_real_escape_string($username), mysql_real_escape_string($password)); $result = mysql_query($query); if(1 != mysql_num_rows($result)) : header('Location: index.php?msg=login_failed'); else : $row = mysql_fetch_assoc($result); $_SESSION['member_ID'] = $row['ID']; if (!isset($_SESSION['member_ID'])) { // do login. header('Location: members-only.php'); } else echo "already logged in"; endif; endif; ?> It works!!! I have not tried from multiple pc.... anyway, thanks for the help Quote Link to comment Share on other sites More sharing options...
nazmy Posted January 30, 2008 Author Share Posted January 30, 2008 <?php session_start(); include('db.php'); if(isset($_POST['submit'])) : $username = strip_tags($_POST['username']); $password = sha1(strip_tags($_POST['password'])); $query = sprintf("SELECT ID FROM members WHERE username = '%s' AND user_password = '%s' LIMIT 1;", mysql_real_escape_string($username), mysql_real_escape_string($password)); $result = mysql_query($query); if(1 != mysql_num_rows($result)) : header('Location: index.php?msg=login_failed'); else : $row = mysql_fetch_assoc($result); $_SESSION['member_ID'] = $row['ID']; if (!isset($_SESSION['member_ID'])) { // do login. header('Location: members-only.php'); } else echo "already logged in"; endif; endif; ?> Quote Link to comment Share on other sites More sharing options...
nazmy Posted January 30, 2008 Author Share Posted January 30, 2008 <?php session_start(); include('db.php'); if(isset($_POST['submit'])) : $username = strip_tags($_POST['username']); $password = sha1(strip_tags($_POST['password'])); $query = sprintf("SELECT ID FROM members WHERE username = '%s' AND user_password = '%s' LIMIT 1;", mysql_real_escape_string($username), mysql_real_escape_string($password)); $result = mysql_query($query); if(1 != mysql_num_rows($result)) : header('Location: index.php?msg=login_failed'); else : $row = mysql_fetch_assoc($result); if (!isset($_SESSION['member_ID'])) { $_SESSION['member_ID'] = $row['ID']; header('Location: members-only.php'); } else { echo "already logged in"; } endif; endif; ?> I've made mistake with the last one .... it does not work... So this this is a new one... It looks ok to me... Can somebody figure it out... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.