Prevent user from logging in if already log.

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Locked
User avatar
jlising
Forum Commoner
Posts: 33
Joined: Mon Mar 19, 2007 1:48 am
Location: Pampanga, Philippines
Contact:

Prevent user from logging in if already log.

Post by jlising »

Hello!,
I have an application written in PHP and Javascript. How do I prevent the users from logging in if the user is already logged in? This is to prevent the users from using same account at the same time.

Thanks!
parka
Forum Commoner
Posts: 52
Joined: Mon Feb 26, 2007 6:48 am

Post by parka »

Taking this forum as an example, how can I log in again when I've already logged in?

They have removed the login functionality and replaced it with the Logout link.
User avatar
Kadanis
Forum Contributor
Posts: 180
Joined: Tue Jun 20, 2006 8:55 am
Location: Dorset, UK
Contact:

Post by Kadanis »

if you mean to stop users from logging in from different computers at the same time, then you could record the IP address or Session ID of the initial login in the database, then on log out (or a timer) clear the values from the database. Then every time someone tries to log in, check the database for those values as well. If they exist fail the login.

It would take some playing around to get this just right, but it essence it should work.

If you're worried about it happening on the same computer, Parka has already answered ;)
jabbaonthedais
Forum Contributor
Posts: 127
Joined: Wed Aug 18, 2004 12:08 pm

Post by jabbaonthedais »

Kadanis wrote:if you mean to stop users from logging in from different computers at the same time, then you could record the IP address or Session ID of the initial login in the database, then on log out (or a timer) clear the values from the database. Then every time someone tries to log in, check the database for those values as well. If they exist fail the login.

It would take some playing around to get this just right, but it essence it should work.
Yeah, update a table each time the user hits another page inside the login area that updates the current time. Then, in your login script ask if the current time in the table is 5-10 mins off from the real current time.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Locked