Page 1 of 1
preventing double login
Posted: Sun May 06, 2007 12:02 pm
by cloud_monster
at my school they have this thing where you cannot log into two systems using the same username at the same time. how do i do this with php? i have created a login system but i can't think of a good way of how to do this. and also how do i end sessions/automatically sign out if there has been no activity for a certain amount of time (like how bank websites do)? what can i do about people who don't log out, but just close their browser window? any help is appreciated
Re: preventing double login
Posted: Sun May 06, 2007 3:09 pm
by Chris Corbyn
cloud_monster wrote:at my school they have this thing where you cannot log into two systems using the same username at the same time. how do i do this with php? i have created a login system but i can't think of a good way of how to do this. and also how do i end sessions/automatically sign out if there has been no activity for a certain amount of time (like how bank websites do)? what can i do about people who don't log out, but just close their browser window? any help is appreciated
session_set_save_handler().
Basically you use a database to deal with sessions and you delete the session (a row in the database) if the user logs into another machine.
Posted: Mon May 07, 2007 1:05 am
by timvw
I'm still a proponent of the 'other way'.. Instead of expiring sessions after a while (and doing wild guesses about the time which they should be logged out) i find it better to allow the user to start a new session whenever they want (but expire their previous sessions)...
This way they can always logon (no need to wait untill their previous session has expired) and they can have only one session at a time because previous ones become invalid once they've acquired a new one...