PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
I'm trying to code an admin page with session and hashed password stored in mysql. The client wants to restrict that page to only one login in any given time, ie only one user can browse the page at a time. I'm not sure how to do that! Any help please?
<?
if (!empty($_SESSION['loggedin']))
{
//if not logged in redirect
header("Location: index.php");
}
else
{
//count number of rows
$sql = "SELECT COUNT(`id`) FROM `logged`";
//run the query
$result = mysql_query($sql) die(mysql_error());;
//check if no rows exist
if ($result == 0)
{
$sql = "INSERT INTO `loggedin` SET `id`='".session_id()."'";
$result = mysql_query($sql) die(mysql_error());
}
else
{
//deny access, remove him from loggedin
$sql = "DELETE FROM `loggedin` WHERE `id`='".session_id()."'";
$result = mysql_query($sql) or die(mysql_error());
//destroy session variable
$_SESSION['loggedin'] = array();
}
}
}
?>
make a field in the db for each user, call it say, logged_in
also make one called last_activity
when someone logs in, update the databse for that username, and make logged_in = true
when they log out, make logged_in = false
the last activity is in case they forget to log out
once someone logs in, update the last_activity on every page request
now before you allow someone to log in, first check if that username is already logged in. if they are already logged in, then make sure the last activity is not older than say....2 hours
if it is too old, then allow them to log in, because the one who is previously logged in, has been inactive for 2 hours, and likely forgot to log out.