Login only once

by **lacroix13** » Mon Sep 16, 2002 12:24 am

I have a question: how can I prevent a user from logging in a website more than once at a time.That is if he is already logged(has a session created with an username and password), he can't login with that username/pass.
:wink:

by **serge** » Mon Sep 16, 2002 1:30 am

Yeah, it is hard to make it with PHP :roll: . You can do this using REMOTE_ADDR (IP). But it is easy to make it with Application object of ASP
------------------------
With best regards,
Serge Bulanov
AlarIT Web developer,
www.AlarIT.com

by **Jay** » Mon Sep 16, 2002 4:37 am

What's wrong with checking the session for a value to see if they're logged in, and if they're not then display a form. If they're logged in, then there's no form so they can't log in again!

Or are you asking about someone logging in from 2 different places? In this case I'd use a database to track whether someone is logged in or not. Set the database to mark when they log in, and also provide a 'log-out' feature! When a user logs in, check that the last access wasn't within say 20 minutes (they might have moved location). If it is, deny access, if not, then allow it.

by **elitecodex** » Tue Sep 17, 2002 9:00 am

But then what happens if someone just "closes a browser", or their session times out... the script would not have a chance to update the database if the user tried to login again would it?

by **Jay** » Tue Sep 17, 2002 2:29 pm

elitecodex wrote:But then what happens if someone just "closes a browser", or their session times out... the script would not have a chance to update the database if the user tried to login again would it?

Agreed, it's a very poor method, and I've yet to understand why someone would want to do such a thing!

by **lacroix13** » Wed Sep 18, 2002 12:37 pm

I'm trying to implement a way of passing an exam oline.
In an e-learning project you have both documentation and tests. I want to restrict the access to the documentation whle sitting a test :wink:

What can I do?

PS: :arrow: If I modify the database and the user closses the browser and he does not logout, the database remains modified.Once in a while I have to check on the server who is online and to reset that field in the database

:
:arrow: How can I verify among the sessions on the server if one user, identified through a number set as a session variable, has already created a session?

:

by **Jay** » Wed Sep 18, 2002 2:23 pm

You'd need to make a specific application, it won't work via the web because the idea of the internet is that it's accessable everywhere! And PHP was specially designed for the web (as opposed to ASP which can be used in a variety of media).

Login only once

Login only once

Who is online