473,656 Members | 2,824 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

How to restrict multiple login in a time?

51 New Member
I want to make sure all users those login are different in a time either on the same or different computer or web browser. Following are sample of my program which consist 4 different pages;

[PHP]
#users.php

$users = array(
'user1' => md5('password1' ),
'user2' => md5('password2' )
);
$salt = substr(md5(date ('F')), 8);
[/PHP]

[PHP]
<?php
#login.php

if($_SERVER['REQUEST_METHOD '] == 'POST')
{
if(!ereg('^[A-Za-z0-9]', $_POST['username']))
{
exit('<p>Invali d characters in the username.</p>');
}
else
{
$username = $_POST['username'];
$password = md5($_POST['password']);

require('users. php');

if(array_key_ex ists($username, $users))
{
//the username exists
//compare the submitted password to value of the array key (the right password)
if($password == $users[$username])
{
//password is correct
session_start() ;
$_SESSION['usr'] = $username;
$_SESSION['loggedin'] = md5($username.$ password.$salt) ;
setcookie(sessi on_name(), $_COOKIE[session_name()], time()+7200, '/');
header('Locatio n: home.php');
exit;
}
else
{
exit('<p>Invali d password.</p>');
}
}
else
{
exit('<p>Invali d username.</p>');
}
}
}
?>
<html>
<head>
<title>Login Form</title>
</head>

<body>
<form method="post" action="login.p hp">
Username: <input type="text" name="username" ><br />
Password: <input type="password" name="password" ><br />
<input type="submit" name="submit" value="Login">
</form>
</body>
</html>
[/PHP]

[PHP]
#check.php

session_start() ;

if(!isset($_SES SION['loggedin']))
{
header('Locatio n: login.php');
exit;
}
else
{
//the session variable exists, check it's valid:
require('users. php');
$userexists = false;

foreach($users as $username => $password)
{
if(md5($usernam e.$password.$sa lt) == $_SESSION['loggedin'])
{
$userexists = true;
}
}

if($userexists !== true)
{
exit('<p>Invali d session: please <a href="login.php ">login</a>.</p>');
}
}
[/PHP]

[PHP]
<?php
require('check. php');
?>
<html>
<head>
<title>User Home Page</title>
</head>

<body>
<p><a href="logout.ph p">Logout</a></p>
<p>Your username is : <?php echo $_SESSION['usr'] ?></p>
</body>
</html>
[/PHP]
Oct 29 '07 #1
12 3573
Fareast Adam
51 New Member
Please help me! I currently got stuck. Is it possible to register different session_id() for each different user?
Oct 29 '07 #2
Fareast Adam
51 New Member
I've tried this code and put in login.php. But the problem happened is when i login more than one account either an account will replace all the registered account. I really don't know what i'am gonna do right now. I really need ur help.

[PHP]
#login.php

session_start() ;

$i = 0;
$_SESSION['sess'] = array();

if(sizeof($_SES SION['sess'])==0)
{
$_SESSION['sess'][$i] = session_id();
$i++;
}
else
{
session_regener ate_id();
$_SESSION['sess'][$i] = session_id();
$i++;
}

foreach($_SESSI ON['sess'] as $sess)
{
$_SESSION['usr'] = $username;
$_SESSION['loggedin'] = md5($username.$ password.$salt) ;
setcookie(sessi on_name(), $sess, time()+7200, '/');
header('Locatio n: home.php');
exit;
}
[/PHP]
Oct 30 '07 #3
nathj
938 Recognized Expert Contributor
Hi,

I would use a far simpler approach to preventing mutliple logins from one user.

Assuming that the user details are stored in a database you could, on login store the IP address of the computer they logged in on, or simply set a flag to indicate they have logged in and the session ID.

Then should a second login request come along with the same credentials you can test the flag to see if they are already logged in. If they are then you can kill the previous session and start again or inform them that they are still logged in elsewhere.

That's the approach I take to this problem.

Cheers
nathj
Oct 30 '07 #4
Fareast Adam
51 New Member
Hi nathj, thanks for ur appreaciate... Actaully I want to make a login for portal but I has no idea where to start. Can u give me some simpler example to do that..thanks
Oct 30 '07 #5
nathj
938 Recognized Expert Contributor
Hi nathj, thanks for ur appreaciate... Actaully I want to make a login for portal but I has no idea where to start. Can u give me some simpler example to do that..thanks
Hi Fareast Adam,

If it's a login portal you're after then it's fairly straight forward. The protal is basically a form with 3 controls on it:
2 input boxes - one type text and one type password and 1 submit button.

The text boxes take the username and password and the button submits the form so that the details can be checked.

It is on this second page, the target page, that ou check the details against the database and see if the user is already logged in.

Does that make more sense?

Cheers
nathj
Oct 30 '07 #6
Fareast Adam
51 New Member
Actually I have using database to keep all user information such as username and password. These program are just sample only. I think i have problem on page check.php where i will include check.php in every pages as in page home.php. The problem is when I login on second time the first account will be replaced to the other new account. I am not know what i'am wrong. Please help me, I'am really need you help.

Fareast Adam
Oct 30 '07 #7
Fareast Adam
51 New Member
Is it guess sufficient if I use the following code to examine uer session whose registered? I put on the top on every pages...

[PHP]
require('check. php');
[/PHP]
Oct 30 '07 #8
nathj
938 Recognized Expert Contributor
Is it guess sufficient if I use the following code to examine uer session whose registered? I put on the top on every pages...

[PHP]
require('check. php');
[/PHP]
I have a site, currently in development only, where I do just that. I have the code included at the top of every page and this checks if the user is logged in. If they are it displays their name otherwise it gves the login form.

The trouble with this is that if they do not log out and go to another computer and log in again they will be logged in twice. This is why you need some way of killing a session or preventing them from logging in again.

But generally, if they are logged in don't give them the log in form so that they cannot log in again on the same computer.

Cheers
nathj
Oct 30 '07 #9
Fareast Adam
51 New Member
But what about genereting a new session_id() for each new different user's account such as this;

[PHP]
#login.php
session_start() ;

$_SESSION['usr'] = $username;
$_SESSION['loggedin'] = md5($username.$ password.$salt) ;
if(session_id() =='')
{
setcookie(sessi on_name(), session_id(), time()+7200, '/');
}
else
{
session_regener ate_id();
setcookie(sessi on_name(), session_id(), time()+7200, '/');
}
header('Locatio n: home.php');
exit;
[/PHP]
Oct 30 '07 #10

Sign in to post your reply or Sign up for a free account.

Similar topics
10
2335
Restrict selection on form - How?
by: Terabyte | last post by:
I have a client that wants me to create a form that will contain about 50 condo listings. He wants me to place a restriction on the form as to the number of Condo listings a user can select/request. Is that possible? If so, what will I need to do or use to make this stunt possible? The items on each page would be different. The data is being passed between three pages. Lets say on page1 there are condos available (20) located in area...
HTML / CSS
3
3124
Restrict Access Problem
by: Paul | last post by:
Hi all, at present I I've built a website which can be updated by admin and users. My problem, I've combined "log in" and "access levels" to restrict access to certain pages, using the built in "log in" and "user authentication, restrict access to page" features. But I find the after login I constantly get redirected from the restricted pages.
ASP / Active Server Pages
2
4468
Restrict Multiple Logins
by: Sudheer | last post by:
Hi All, We need to restrict multiple users login to the system. If one user is online with one userID, we need to show the message "This user already logs in to the system" to the other user who tries to login with the same userID. We are using C#. Please help us how we can do this.
ASP.NET
2
1863
How can I restrict that the some ID can only login once in the some time
by: ad | last post by:
I use Login control's Authenticate event to authenticate use. I find that different users can use the same ID to login in the same time. How can I restrict that the some ID can only login once in the some time
ASP.NET
9
2765
Asp.Net 2.0 Multiple Application Solutions
by: Graham | last post by:
I have been having some fun learning and using the new Controls and methods in .Net 2.0 which will make my life in the future easier and faster. Specifically the new databinding practises and wizards. But, I have found that trying to do something "outside the norm" adds a rather large level of complexity and/or data replication. Background I have been commissioned to create a web-based application for a client. It has a formsaunthentication...
ASP.NET
5
1589
How to Restrict Unauthorized Downloads
by: Prabhat | last post by:
Hi All, I have a website setup which also provide ability to download latest version of our Software by logging into the webpage. All latest softwares (ONLY ONE FILE .EXE for each Software) are located in the "/Download" folder of my website. Customer will login to website and the ASP page decide the software that this user has purchased and privide ONLY that Hyperlink to download the latest Version file. My problem is if somoe body...
ASP / Active Server Pages
18
3384
REQ Been racking my brain trying to figure out how to prevent multiple login with same username
by: Gleep | last post by:
I've searched google intensely on this topic and it seems noone really knows how to approch this. The goal I don't want clients to give out their usernames and passwords to friends, since the site relies on subscrption fees. Sessions ID's are matched between the browser and the server. So a users can login with same username and password and those sessions are tracked individually. Some suggest create table fields with the session ID...
PHP
10
13069
How to restrict multiple login using a single account.
by: shankhar | last post by:
Hi all, In my project there is a requirement. If a user logged in at a time since he/she logged out others are not allowed to loggin using the same user name. That is to avoid multiple logins using a account. How to do this? I had got a idea and implemented. 1. When a user logs in storing the username, ip, login time to db.
PHP
17
4792
Restrict multiple logins with single username at sametime in ms access
by: yuvang | last post by:
Hi all I have a mdb with login name and password form. There are several login names, i defined through a table "User_login". Here the problem is at a time a single user is able to login in multible system, which i want to restrict. here is the code which i i am using for login check..... Private Sub cmblogin_Click() Static intlogonattempts As Integer
Microsoft Access / VBA
0
8382
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
General
0
8717
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
Online Marketing
1
8498
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
Windows Server
0
8600
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
General
0
7311
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
Career Advice
0
4150
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
Networking - Hardware / Configuration
0
4300
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
1
2726
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
C# / C Sharp
2
1600
bsmnconsultancy
Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us