I want to make sure all users those login are different in a time either on the same or different computer or web browser. Following are sample of my program which consist 4 different pages;
[PHP]
#users.php
$users = array(
'user1' => md5('password1' ),
'user2' => md5('password2' )
);
$salt = substr(md5(date ('F')), 8);
[/PHP]
[PHP]
<?php
#login.php
if($_SERVER['REQUEST_METHOD '] == 'POST')
{
if(!ereg('^[A-Za-z0-9]', $_POST['username']))
{
exit('<p>Invali d characters in the username.</p>');
}
else
{
$username = $_POST['username'];
$password = md5($_POST['password']);
require('users. php');
if(array_key_ex ists($username, $users))
{
//the username exists
//compare the submitted password to value of the array key (the right password)
if($password == $users[$username])
{
//password is correct
session_start() ;
$_SESSION['usr'] = $username;
$_SESSION['loggedin'] = md5($username.$ password.$salt) ;
setcookie(sessi on_name(), $_COOKIE[session_name()], time()+7200, '/');
header('Locatio n: home.php');
exit;
}
else
{
exit('<p>Invali d password.</p>');
}
}
else
{
exit('<p>Invali d username.</p>');
}
}
}
?>
<html>
<head>
<title>Login Form</title>
</head>
<body>
<form method="post" action="login.p hp">
Username: <input type="text" name="username" ><br />
Password: <input type="password" name="password" ><br />
<input type="submit" name="submit" value="Login">
</form>
</body>
</html>
[/PHP]
[PHP]
#check.php
session_start() ;
if(!isset($_SES SION['loggedin']))
{
header('Locatio n: login.php');
exit;
}
else
{
//the session variable exists, check it's valid:
require('users. php');
$userexists = false;
foreach($users as $username => $password)
{
if(md5($usernam e.$password.$sa lt) == $_SESSION['loggedin'])
{
$userexists = true;
}
}
if($userexists !== true)
{
exit('<p>Invali d session: please <a href="login.php ">login</a>.</p>');
}
}
[/PHP]
[PHP]
<?php
require('check. php');
?>
<html>
<head>
<title>User Home Page</title>
</head>
<body>
<p><a href="logout.ph p">Logout</a></p>
<p>Your username is : <?php echo $_SESSION['usr'] ?></p>
</body>
</html>
[/PHP]
12 3573
Please help me! I currently got stuck. Is it possible to register different session_id() for each different user?
I've tried this code and put in login.php. But the problem happened is when i login more than one account either an account will replace all the registered account. I really don't know what i'am gonna do right now. I really need ur help.
[PHP]
#login.php
session_start() ;
$i = 0;
$_SESSION['sess'] = array();
if(sizeof($_SES SION['sess'])==0)
{
$_SESSION['sess'][$i] = session_id();
$i++;
}
else
{
session_regener ate_id();
$_SESSION['sess'][$i] = session_id();
$i++;
}
foreach($_SESSI ON['sess'] as $sess)
{
$_SESSION['usr'] = $username;
$_SESSION['loggedin'] = md5($username.$ password.$salt) ;
setcookie(sessi on_name(), $sess, time()+7200, '/');
header('Locatio n: home.php');
exit;
}
[/PHP]
nathj 938
Recognized Expert Contributor
Hi,
I would use a far simpler approach to preventing mutliple logins from one user.
Assuming that the user details are stored in a database you could, on login store the IP address of the computer they logged in on, or simply set a flag to indicate they have logged in and the session ID.
Then should a second login request come along with the same credentials you can test the flag to see if they are already logged in. If they are then you can kill the previous session and start again or inform them that they are still logged in elsewhere.
That's the approach I take to this problem.
Cheers
nathj
Hi nathj, thanks for ur appreaciate... Actaully I want to make a login for portal but I has no idea where to start. Can u give me some simpler example to do that..thanks
nathj 938
Recognized Expert Contributor
Hi nathj, thanks for ur appreaciate... Actaully I want to make a login for portal but I has no idea where to start. Can u give me some simpler example to do that..thanks
Hi Fareast Adam,
If it's a login portal you're after then it's fairly straight forward. The protal is basically a form with 3 controls on it:
2 input boxes - one type text and one type password and 1 submit button.
The text boxes take the username and password and the button submits the form so that the details can be checked.
It is on this second page, the target page, that ou check the details against the database and see if the user is already logged in.
Does that make more sense?
Cheers
nathj
Actually I have using database to keep all user information such as username and password. These program are just sample only. I think i have problem on page check.php where i will include check.php in every pages as in page home.php. The problem is when I login on second time the first account will be replaced to the other new account. I am not know what i'am wrong. Please help me, I'am really need you help.
Fareast Adam
Is it guess sufficient if I use the following code to examine uer session whose registered? I put on the top on every pages...
[PHP]
require('check. php');
[/PHP]
nathj 938
Recognized Expert Contributor
Is it guess sufficient if I use the following code to examine uer session whose registered? I put on the top on every pages...
[PHP]
require('check. php');
[/PHP]
I have a site, currently in development only, where I do just that. I have the code included at the top of every page and this checks if the user is logged in. If they are it displays their name otherwise it gves the login form.
The trouble with this is that if they do not log out and go to another computer and log in again they will be logged in twice. This is why you need some way of killing a session or preventing them from logging in again.
But generally, if they are logged in don't give them the log in form so that they cannot log in again on the same computer.
Cheers
nathj
But what about genereting a new session_id() for each new different user's account such as this;
[PHP]
#login.php
session_start() ;
$_SESSION['usr'] = $username;
$_SESSION['loggedin'] = md5($username.$ password.$salt) ;
if(session_id() =='')
{
setcookie(sessi on_name(), session_id(), time()+7200, '/');
}
else
{
session_regener ate_id();
setcookie(sessi on_name(), session_id(), time()+7200, '/');
}
header('Locatio n: home.php');
exit;
[/PHP]
Sign in to post your reply or Sign up for a free account.
Similar topics |
by: Terabyte |
last post by:
I have a client that wants me to create a form that will contain about 50
condo listings. He wants me to place a restriction on the form as to the
number of Condo listings a user can select/request. Is that possible? If so,
what will I need to do or use to make this stunt possible?
The items on each page would be different. The data is being passed between
three pages.
Lets say on page1 there are condos available (20) located in area...
|
by: Paul |
last post by:
Hi all, at present I I've built a website which can be updated by admin and
users.
My problem, I've combined "log in" and "access levels" to restrict access to
certain pages, using the built in "log in" and "user authentication,
restrict access to page" features. But I find the after login I constantly
get redirected from the restricted pages.
|
by: Sudheer |
last post by:
Hi All,
We need to restrict multiple users login to the system. If one user is
online with one userID, we need to show the message "This user already logs
in to the system" to the other user who tries to login with the same userID.
We are using C#.
Please help us how we can do this.
|
by: ad |
last post by:
I use Login control's Authenticate event to authenticate use.
I find that different users can use the same ID to login in the same time.
How can I restrict that the some ID can only login once in the some time
|
by: Graham |
last post by:
I have been having some fun learning and using the new Controls and methods in .Net 2.0 which will make my life in the future easier and faster. Specifically the new databinding practises and wizards.
But, I have found that trying to do something "outside the norm" adds a rather large level of complexity and/or data replication.
Background
I have been commissioned to create a web-based application for a client. It has a formsaunthentication...
| |
by: Prabhat |
last post by:
Hi All,
I have a website setup which also provide ability to download latest version
of our Software by logging into the webpage. All latest softwares (ONLY ONE
FILE .EXE for each Software) are located in the "/Download" folder of my
website. Customer will login to website and the ASP page decide the software
that this user has purchased and privide ONLY that Hyperlink to download the
latest Version file.
My problem is if somoe body...
|
by: Gleep |
last post by:
I've searched google intensely on this topic and it seems noone really knows how to approch this.
The goal I don't want clients to give out their usernames and passwords to friends, since the site
relies on subscrption fees.
Sessions ID's are matched between the browser and the server. So a users can login with same
username and password and those sessions are tracked individually.
Some suggest create table fields with the session ID...
|
by: shankhar |
last post by:
Hi all,
In my project there is a requirement. If a user logged in at a time
since he/she logged out others are not allowed to loggin using the
same user name. That is to avoid multiple logins using a account. How
to do this?
I had got a idea and implemented.
1. When a user logs in storing the username, ip, login time to db.
|
by: yuvang |
last post by:
Hi all
I have a mdb with login name and password form. There are several login names, i defined through a table "User_login". Here the problem is at a time a single user is able to login in multible system, which i want to restrict.
here is the code which i i am using for login check.....
Private Sub cmblogin_Click()
Static intlogonattempts As Integer
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
| |
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |