Page 1 of 1

How to Allowing only one Login to Admin with MD5 & Sessi

Posted: Sat Nov 20, 2004 2:15 pm
by mans
Hi,

This is my first post here :D

I'm trying to code an admin page with session and hashed password stored in mysql. The client wants to restrict that page to only one login in any given time, ie only one user can browse the page at a time. I'm not sure how to do that! Any help please?

TIA

Posted: Sat Nov 20, 2004 3:04 pm
by John Cartwright
ok when they are logged in have it update in your mysql database with something like

Code: Select all

INSERT INTO `loggedin` SET `id` = session_id()
then each time the page is loaded

Code: Select all

<?
if (!empty($_SESSION['loggedin']))
{
//if not logged in redirect
header("Location: index.php");

}
else
{
//count number of rows
$sql = "SELECT COUNT(`id`) FROM `logged`";

//run the query
$result = mysql_query($sql) die(mysql_error());;

//check if no rows exist
if ($result == 0)
{

$sql = "INSERT INTO `loggedin` SET `id`='".session_id()."'";
$result = mysql_query($sql) die(mysql_error());

}
else
{
//deny access, remove him from loggedin
$sql = "DELETE FROM `loggedin` WHERE `id`='".session_id()."'";
$result = mysql_query($sql) or die(mysql_error());

//destroy session variable
$_SESSION['loggedin'] = array();
}
}
}
?>
hope this helps.... something to get you started

Posted: Sat Nov 20, 2004 3:29 pm
by rehfeld
make a field in the db for each user, call it say, logged_in
also make one called last_activity

when someone logs in, update the databse for that username, and make logged_in = true
when they log out, make logged_in = false

the last activity is in case they forget to log out

once someone logs in, update the last_activity on every page request


now before you allow someone to log in, first check if that username is already logged in. if they are already logged in, then make sure the last activity is not older than say....2 hours
if it is too old, then allow them to log in, because the one who is previously logged in, has been inactive for 2 hours, and likely forgot to log out.



edit- phenom beat me to it lol

Posted: Sat Nov 20, 2004 5:45 pm
by John Cartwright
edit- phenom beat me to it lol
by 25 min :)

Posted: Sat Nov 20, 2004 7:53 pm
by rehfeld
Phenom wrote:
edit- phenom beat me to it lol
by 25 min :)
i uh, went to get somthing to eat mid-post :D