Prevent multi-session

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
tcardoso
Forum Newbie
Posts: 3
Joined: Mon Feb 11, 2008 1:59 pm

Prevent multi-session

Post by tcardoso »

Hi,

I want to catch multi-session and logout who makes it. Like if you are working on a Firefox browser and if you login on a IE browser, the first session has to be disabled. Same thing on tabs on firefox, etc...

Only one window session active! How can I do it?

Thanks
jmut
Forum Regular
Posts: 945
Joined: Tue Jul 05, 2005 3:54 am
Location: Sofia, Bulgaria
Contact:

Re: Prevent multi-session

Post by jmut »

is there some real reason for this? What problem are you trying to solve.
Well, you can flag that a user is logged, and if he attempts to log again to deny or whatever....problem in this approach is ..what if user just close browser and don't use logout to quit. Then it's quite possible you deny login if he tries after that.... (maybe partially solved with session timeout or something)
tcardoso
Forum Newbie
Posts: 3
Joined: Mon Feb 11, 2008 1:59 pm

Re: Prevent multi-session

Post by tcardoso »

Well, but the last login would stay active, not the old.

And using tabs, users don't have to login again.
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: Prevent multi-session

Post by Christopher »

You will probably need to check $_SERVER['REMOTE_ADDRESS'] and the server string to see if you have the same person, but a different browser. Do this before you start the session and deny as appropriate.
(#10850)
Festy
Forum Commoner
Posts: 28
Joined: Wed Jan 30, 2008 10:01 pm

Re: Prevent multi-session

Post by Festy »

jmut wrote:is there some real reason for this? What problem are you trying to solve.
Well, you can flag that a user is logged, and if he attempts to log again to deny or whatever....problem in this approach is ..what if user just close browser and don't use logout to quit. Then it's quite possible you deny login if he tries after that....
This can be the right solution if you set a cookie at the login and unset that cookie only if logout() function is called. This way if the user closes the browser and logs out unexpectedly , the cookie will still be set, and he/she won't have any problem login next time. Because at login we can check whether the cookie is set or not, if it is set then we can turn off the login flag, so that the user can login.
jmut
Forum Regular
Posts: 945
Joined: Tue Jul 05, 2005 3:54 am
Location: Sofia, Bulgaria
Contact:

Re: Prevent multi-session

Post by jmut »

I still fail to see the real reason behind it. Why would you want to prevent this. Also, anything that is client depended (cookie in this case) I would not rely on.
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Re: Prevent multi-session

Post by Benjamin »

Ok just to be clear, closing a tab in firefox won't end a session, even if it's the last tab open for a specific website.
Post Reply