PHP One-Session Login

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
tecktalkcm0391
DevNet Resident
Posts: 1030
Joined: Fri May 26, 2006 9:25 am
Location: Florida

PHP One-Session Login

Post by tecktalkcm0391 »

Hello,

I tried google to get a solution, but I couldn't find anything but Single Sign-on with a security key device. Any ideas/suggestions/examples?

Thanks a ton!

Also: I haven't looked into it yet, but can Flash keep a session from a website that it gets information from?
User avatar
vargadanis
Forum Contributor
Posts: 158
Joined: Sun Jun 01, 2008 3:48 am
Contact:

Re: PHP One-Session Login

Post by vargadanis »

Hi!

You gave us too little information. It is like I looked in the shop but all shoes were blue. Ideas?
If you tell us what you want you mean by "One-Session Login" we could give you ideas on how to do it. Do you want a session based login system?
User avatar
tecktalkcm0391
DevNet Resident
Posts: 1030
Joined: Fri May 26, 2006 9:25 am
Location: Florida

Re: PHP One-Session Login

Post by tecktalkcm0391 »

I want to be able to only allow a user to be logged in on one computer at a time. If a session is active at another computer, than a message is displayed when a user tries to login from another computer. I only want users to be logged in on one computer because I am developing a system that allows collaboration by multiple users, and you cannot have a person collaborating on the same username on two computers, because it would cause each user to overwrite the others work.

Thanks!
Chris
Amit Mehta
Forum Newbie
Posts: 3
Joined: Tue Jun 03, 2008 7:51 am

Re: PHP One-Session Login

Post by Amit Mehta »

you give little info. about this pls explain.

Thanks
Amit
User avatar
tecktalkcm0391
DevNet Resident
Posts: 1030
Joined: Fri May 26, 2006 9:25 am
Location: Florida

Re: PHP One-Session Login

Post by tecktalkcm0391 »

Sorry, i thought i was clear enough...

User1 logs on to computer1, then user1 tries to login into computer2.. it should deny him until he logs off of computer1, or the session on computer1 expires.

Is that more clear? I don't want users to be allow to login to more than one computer session at a time (computer or browser session)

Do you still need more information?
User avatar
vargadanis
Forum Contributor
Posts: 158
Joined: Sun Jun 01, 2008 3:48 am
Contact:

Re: PHP One-Session Login

Post by vargadanis »

tecktalkcm0391 wrote:Sorry, i thought i was clear enough...

User1 logs on to computer1, then user1 tries to login into computer2.. it should deny him until he logs off of computer1, or the session on computer1 expires.

Is that more clear? I don't want users to be allow to login to more than one computer session at a time (computer or browser session)

Do you still need more information?
It was clear enough. He might have posted his reply just after you gave info. That could have been the problem or who knows... :)

Ok, so what I would do is checking the IP or MAC address of the user. Store it in a DB, maybe a temporary table or just add a login_ip field to the table you use. When a user tries to log in from a computer it will be checked for the IP and if the IP exists somewhere in the table, the function will return false instead of a login session. Sounds logical to me.
Or... If you do not want to mess with this kind of things than just use last_logged_in as a data in the DB and as long as it is not expired the user won't be able to relog, unless he log manually out. This is obviously not that neat.

That's all that comes to me at this point. If I've got any other idea I will let you know about it.
User avatar
tecktalkcm0391
DevNet Resident
Posts: 1030
Joined: Fri May 26, 2006 9:25 am
Location: Florida

Re: PHP One-Session Login

Post by tecktalkcm0391 »

Ok, so do a database based session, with a field to check if the user is logged in already... go it... i just wanted to see what someone else thought thanks!
User avatar
vargadanis
Forum Contributor
Posts: 158
Joined: Sun Jun 01, 2008 3:48 am
Contact:

Re: PHP One-Session Login

Post by vargadanis »

No probs... Let me know if you've got something else figured out in PM or here. I am interested in the developements...
User avatar
Kieran Huggins
DevNet Master
Posts: 3635
Joined: Wed Dec 06, 2006 4:14 pm
Location: Toronto, Canada
Contact:

Re: PHP One-Session Login

Post by Kieran Huggins »

a good behaviour is for the new login to expire the old session, since a user may move machines and would be frustrated if he had to wait until the old one timed out.
User avatar
tecktalkcm0391
DevNet Resident
Posts: 1030
Joined: Fri May 26, 2006 9:25 am
Location: Florida

Re: PHP One-Session Login

Post by tecktalkcm0391 »

thats is what i was planning... the session would expire after 5 minutes of inactivity.
User avatar
onion2k
Jedi Mod
Posts: 5263
Joined: Tue Dec 21, 2004 5:03 pm
Location: usrlab.com

Re: PHP One-Session Login

Post by onion2k »

tecktalkcm0391 wrote:thats is what i was planning... the session would expire after 5 minutes of inactivity.
5 minutes is rarely enough. If your user is filling in a form and takes a break to get a cup of coffee or answer the phone and they're signed out they'll get annoyed and give up. For high security sites I go with 15 minutes, for lower security I go with an hour.
Post Reply