Page 1 of 1

Prevent user from logging in if already log.

Posted: Mon Mar 19, 2007 2:02 am
by jlising
Hello!,
I have an application written in PHP and Javascript. How do I prevent the users from logging in if the user is already logged in? This is to prevent the users from using same account at the same time.

Thanks!

Posted: Mon Mar 19, 2007 2:13 am
by parka
Taking this forum as an example, how can I log in again when I've already logged in?

They have removed the login functionality and replaced it with the Logout link.

Posted: Mon Mar 19, 2007 3:50 am
by Kadanis
if you mean to stop users from logging in from different computers at the same time, then you could record the IP address or Session ID of the initial login in the database, then on log out (or a timer) clear the values from the database. Then every time someone tries to log in, check the database for those values as well. If they exist fail the login.

It would take some playing around to get this just right, but it essence it should work.

If you're worried about it happening on the same computer, Parka has already answered ;)

Posted: Mon Mar 19, 2007 9:22 am
by jabbaonthedais
Kadanis wrote:if you mean to stop users from logging in from different computers at the same time, then you could record the IP address or Session ID of the initial login in the database, then on log out (or a timer) clear the values from the database. Then every time someone tries to log in, check the database for those values as well. If they exist fail the login.

It would take some playing around to get this just right, but it essence it should work.
Yeah, update a table each time the user hits another page inside the login area that updates the current time. Then, in your login script ask if the current time in the table is 5-10 mins off from the real current time.

Posted: Mon Mar 19, 2007 10:06 am
by feyd