[UPHPU] Best way to prevent multiple logins from the same account.

phpninja phpninja at gmail.com
Thu Apr 5 19:48:17 MDT 2007 

Thanks Brady, I am using the Pear DB class for connections at the moment,
works great. Now when you say "if (user id is in session table)", i always
thought session info is stored based on what you set in php.ini. I have mine
as session.save_path = c:/php/tmp . When session_start is called, it creates
a file in that directory along with your sessionid. Problem is, when the
browser is closed, this session ID in that directory does not dissapear. I
was thinking about about checking the directory for the file and parse the
ID in there, but there is no way to change that sessionid and file unless
you destory the session and recreate a new ID. I think I am beating a dead
horse here, and do not think its 100% possible. Thanks for the insight
though.

-phpninja
On 4/5/07, Brady Mitchell <mydarb at gmail.com> wrote:
>
> > Hello all, I have been hacking some code around to see if it is possible
> to
> > prevent multiple logins from the same account. That is, if
> username/password
> > is currently logged in, and someone opens another web browser and tries
> to
> > login with that same username/password it will then redirect them out,
> > saying that someone from your account is already currently logged in.
>
> I did this for a project that I was working on a while ago, using
> sessions and storing session info in a db table.
>
> When someone tries to login:
>
> if(username and password combination are valid)
> {
>     if(user id is in the session table)
>     {
>         login denied because the user is already logged in
>     }
>     else
>     {
>         login and direct to requested page
>     }
> }
>
> Obviously this is a very brief overview of how it could be done. I'm not
> even sure this is the best way for it to be done. I ended up abandoning
> the previously mentioned project so I haven't dealt with this in a
> production environment.
>
> I suggest reading up on sessions on php.net
> http://us2.php.net/manual/en/ref.session.php.
>
> Also, I like to use the ADODB class (http://adodb.sf.net) for db
> connections, and it makes storing session info in a DB extremely easy.
> So check it out if you're struggling or just want some sample code on
> how to do this.
>
> Brady
>

More information about the UPHPU mailing list