PHP One-Session Login
Moderator: General Moderators
- tecktalkcm0391
- DevNet Resident
- Posts: 1030
- Joined: Fri May 26, 2006 9:25 am
- Location: Florida
PHP One-Session Login
Hello,
I tried google to get a solution, but I couldn't find anything but Single Sign-on with a security key device. Any ideas/suggestions/examples?
Thanks a ton!
Also: I haven't looked into it yet, but can Flash keep a session from a website that it gets information from?
I tried google to get a solution, but I couldn't find anything but Single Sign-on with a security key device. Any ideas/suggestions/examples?
Thanks a ton!
Also: I haven't looked into it yet, but can Flash keep a session from a website that it gets information from?
- vargadanis
- Forum Contributor
- Posts: 158
- Joined: Sun Jun 01, 2008 3:48 am
- Contact:
Re: PHP One-Session Login
Hi!
You gave us too little information. It is like I looked in the shop but all shoes were blue. Ideas?
If you tell us what you want you mean by "One-Session Login" we could give you ideas on how to do it. Do you want a session based login system?
You gave us too little information. It is like I looked in the shop but all shoes were blue. Ideas?
If you tell us what you want you mean by "One-Session Login" we could give you ideas on how to do it. Do you want a session based login system?
- tecktalkcm0391
- DevNet Resident
- Posts: 1030
- Joined: Fri May 26, 2006 9:25 am
- Location: Florida
Re: PHP One-Session Login
I want to be able to only allow a user to be logged in on one computer at a time. If a session is active at another computer, than a message is displayed when a user tries to login from another computer. I only want users to be logged in on one computer because I am developing a system that allows collaboration by multiple users, and you cannot have a person collaborating on the same username on two computers, because it would cause each user to overwrite the others work.
Thanks!
Chris
Thanks!
Chris
-
Amit Mehta
- Forum Newbie
- Posts: 3
- Joined: Tue Jun 03, 2008 7:51 am
Re: PHP One-Session Login
you give little info. about this pls explain.
Thanks
Amit
Thanks
Amit
- tecktalkcm0391
- DevNet Resident
- Posts: 1030
- Joined: Fri May 26, 2006 9:25 am
- Location: Florida
Re: PHP One-Session Login
Sorry, i thought i was clear enough...
User1 logs on to computer1, then user1 tries to login into computer2.. it should deny him until he logs off of computer1, or the session on computer1 expires.
Is that more clear? I don't want users to be allow to login to more than one computer session at a time (computer or browser session)
Do you still need more information?
User1 logs on to computer1, then user1 tries to login into computer2.. it should deny him until he logs off of computer1, or the session on computer1 expires.
Is that more clear? I don't want users to be allow to login to more than one computer session at a time (computer or browser session)
Do you still need more information?
- vargadanis
- Forum Contributor
- Posts: 158
- Joined: Sun Jun 01, 2008 3:48 am
- Contact:
Re: PHP One-Session Login
It was clear enough. He might have posted his reply just after you gave info. That could have been the problem or who knows...tecktalkcm0391 wrote:Sorry, i thought i was clear enough...
User1 logs on to computer1, then user1 tries to login into computer2.. it should deny him until he logs off of computer1, or the session on computer1 expires.
Is that more clear? I don't want users to be allow to login to more than one computer session at a time (computer or browser session)
Do you still need more information?
Ok, so what I would do is checking the IP or MAC address of the user. Store it in a DB, maybe a temporary table or just add a login_ip field to the table you use. When a user tries to log in from a computer it will be checked for the IP and if the IP exists somewhere in the table, the function will return false instead of a login session. Sounds logical to me.
Or... If you do not want to mess with this kind of things than just use last_logged_in as a data in the DB and as long as it is not expired the user won't be able to relog, unless he log manually out. This is obviously not that neat.
That's all that comes to me at this point. If I've got any other idea I will let you know about it.
- tecktalkcm0391
- DevNet Resident
- Posts: 1030
- Joined: Fri May 26, 2006 9:25 am
- Location: Florida
Re: PHP One-Session Login
Ok, so do a database based session, with a field to check if the user is logged in already... go it... i just wanted to see what someone else thought thanks!
- vargadanis
- Forum Contributor
- Posts: 158
- Joined: Sun Jun 01, 2008 3:48 am
- Contact:
Re: PHP One-Session Login
No probs... Let me know if you've got something else figured out in PM or here. I am interested in the developements...
- Kieran Huggins
- DevNet Master
- Posts: 3635
- Joined: Wed Dec 06, 2006 4:14 pm
- Location: Toronto, Canada
- Contact:
Re: PHP One-Session Login
a good behaviour is for the new login to expire the old session, since a user may move machines and would be frustrated if he had to wait until the old one timed out.
- tecktalkcm0391
- DevNet Resident
- Posts: 1030
- Joined: Fri May 26, 2006 9:25 am
- Location: Florida
Re: PHP One-Session Login
thats is what i was planning... the session would expire after 5 minutes of inactivity.
Re: PHP One-Session Login
5 minutes is rarely enough. If your user is filling in a form and takes a break to get a cup of coffee or answer the phone and they're signed out they'll get annoyed and give up. For high security sites I go with 15 minutes, for lower security I go with an hour.tecktalkcm0391 wrote:thats is what i was planning... the session would expire after 5 minutes of inactivity.