By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
428,558 Members | 1,603 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 428,558 IT Pros & Developers. It's quick & easy.

How to restrict multiple login using a single account.

P: n/a
Hi all,

In my project there is a requirement. If a user logged in at a time
since he/she logged out others are not allowed to loggin using the
same user name. That is to avoid multiple logins using a account. How
to do this?

I had got a idea and implemented.

1. When a user logs in storing the username, ip, login time to db.
2. When a User logs in i'll check the table whether the username
exists in the table or not if yes i'll not allow the user to login
else i'll allow to loggin.
3. When he logs out i'll delete the record from the table. Then he/
she can login again.

But there is a problem in this the user can close the browser directly
or right click in the taskbar and close it or by pressing Alt + F4. So
for this i have to catch the things in Javascript and trigger the
logout.

Is is possible to catch the events in Javascript, if yes please
provide me.

Or Is there any other method to restrict multiple login using single
account.

Thanx in advance.

Shankhar

May 22 '07 #1
Share this Question
Share on Google+
10 Replies


P: n/a
shankhar wrote:
Hi all,

In my project there is a requirement. If a user logged in at a time
since he/she logged out others are not allowed to loggin using the
same user name. That is to avoid multiple logins using a account. How
to do this?

I had got a idea and implemented.

1. When a user logs in storing the username, ip, login time to db.
2. When a User logs in i'll check the table whether the username
exists in the table or not if yes i'll not allow the user to login
else i'll allow to loggin.
3. When he logs out i'll delete the record from the table. Then he/
she can login again.

But there is a problem in this the user can close the browser directly
or right click in the taskbar and close it or by pressing Alt + F4. So
for this i have to catch the things in Javascript and trigger the
logout.

Is is possible to catch the events in Javascript, if yes please
provide me.

Or Is there any other method to restrict multiple login using single
account.

Thanx in advance.

Shankhar
There's no way to tell if the user closed his browser. Or turned off
his computer, unplugged from his network or any of a number of things.

You can use a short timeout, i.e. 15 minutes, and if they don't do
something in that time period their session gets deleted.

But one of the ones I like best is if one person logs on while another
one is using that account, the first one is logged out automatically.
It gets to be very annoying - and they soon stop sharing their account
info with others.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
May 22 '07 #2

P: n/a
When a user logs in or clicks an option in their account, store the
current time in a database, if someone tries to log on to the same
account, check to see if the last action they made was in the last 15
minutes. If it is, deny access. When the user clicks on logout, reset
the time in the database.

this way, if someone does close their browser then all they have to do
is wait 15 minutes, and whilst the user is actively using their
account, no-one else will be able to log in.

May 23 '07 #3

P: n/a
Jerry has the right idea.

Having the user session time out is fine - but can be counter
productive.
Having the user logged out if someone else logs in is a good way to go
since it alerts the user someone else has access to their account.

Blizzard does that :)

On May 22, 3:13 am, Jerry Stuckle <jstuck...@attglobal.netwrote:
shankhar wrote:
Hi all,
In my project there is a requirement. If a user logged in at a time
since he/she logged out others are not allowed to loggin using the
same user name. That is to avoid multiple logins using a account. How
to do this?
I had got a idea and implemented.
1. When a user logs in storing the username, ip, login time to db.
2. When a User logs in i'll check the table whether the username
exists in the table or not if yes i'll not allow the user to login
else i'll allow to loggin.
3. When he logs out i'll delete the record from the table. Then he/
she can login again.
But there is a problem in this the user can close the browser directly
or right click in the taskbar and close it or by pressing Alt + F4. So
for this i have to catch the things in Javascript and trigger the
logout.
Is is possible to catch the events in Javascript, if yes please
provide me.
Or Is there any other method to restrict multiple login using single
account.
Thanx in advance.
Shankhar

There's no way to tell if the user closed his browser. Or turned off
his computer, unplugged from his network or any of a number of things.

You can use a short timeout, i.e. 15 minutes, and if they don't do
something in that time period their session gets deleted.

But one of the ones I like best is if one person logs on while another
one is using that account, the first one is logged out automatically.
It gets to be very annoying - and they soon stop sharing their account
info with others.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstuck...@attglobal.net
==================

May 23 '07 #4

P: n/a
rf
"PK006" <ad***@pro-webs.co.ukwrote in message
news:11**********************@w5g2000hsg.googlegro ups.com...
this way, if someone does close their browser
perhaps even by mistake
then all they have to do is
sit around doing absolutely nothing while they
wait 15 minutes, and whilst the user is actively using their
account, no-one else will be able to log in.
I hope these people are not being paid by the hour :-)

If some "project" did this to me I'd complain right up to the managing
director to get it "fixed".

--
Richard.
May 24 '07 #5

P: n/a
Hi Shankhar

One way is to make sessiontimeout for 15 min and change show a
dialog to user that is u wantto continue like that......if no response
than change the status in db to notactive and give a chance to other..

May 24 '07 #6

P: n/a
On May 22, 11:10 am, shankhar <shankha...@gmail.comwrote:
Hi all,

In my project there is a requirement. If a user logged in at a time
since he/she logged out others are not allowed to loggin using the
same user name. That is to avoid multiple logins using a account. How
to do this?

I had got a idea and implemented.

1. When a user logs in storing the username, ip, login time to db.
2. When a User logs in i'll check the table whether the username
exists in the table or not if yes i'll not allow the user to login
else i'll allow to loggin.
3. When he logs out i'll delete the record from the table. Then he/
she can login again.

But there is a problem in this the user can close the browser directly
or right click in the taskbar and close it or by pressing Alt + F4. So
for this i have to catch the things in Javascript and trigger the
logout.

Is is possible to catch the events in Javascript, if yes please
provide me.

Or Is there any other method to restrict multiple login using single
account.

Thanx in advance.

Shankhar
There's the DOM event document.onunload.
Maybe you could use it to send an ajax request that terminates the
session.
But it don't really know how reliable this would be.

Good luck

May 24 '07 #7

P: n/a
At Wed, 23 May 2007 23:57:34 -0700, carrion let his monkeys type:
On May 22, 11:10 am, shankhar <shankha...@gmail.comwrote:
>Hi all,

In my project there is a requirement. If a user logged in at a time
since he/she logged out others are not allowed to loggin using the
same user name. That is to avoid multiple logins using a account. How
to do this?

I had got a idea and implemented.

1. When a user logs in storing the username, ip, login time to db.
2. When a User logs in i'll check the table whether the username
exists in the table or not if yes i'll not allow the user to login
else i'll allow to loggin.
3. When he logs out i'll delete the record from the table. Then he/
she can login again.

But there is a problem in this the user can close the browser directly
or right click in the taskbar and close it or by pressing Alt + F4. So
for this i have to catch the things in Javascript and trigger the
logout.

Is is possible to catch the events in Javascript, if yes please
provide me.

Or Is there any other method to restrict multiple login using single
account.

Thanx in advance.

Shankhar

There's the DOM event document.onunload.
Maybe you could use it to send an ajax request that terminates the
session.
But it don't really know how reliable this would be.

Good luck
Only effective if the user closes the page && has Javascript enabled. Net
outage, app or pc crash, cable disconnect, etc etc. won't be handled
correctly. Just face the fact web apps have stateless user connections.

I haven't seen a failsafe mechanism yet. Nowhere. (Except those
using one-time key devices or keyculators) Simplest is (as suggested by
others) when (a) user logs in using a given set of credentials,
immediately close any open session matching them and inform about a new
login from another address and offer the option to have their password
reset and sent by mail. If they choose that option, block the other opened
session as well.

In case their creds were obtained without their approval, they ought
to be pleased to find out their account details were nicked and should be
changed immediately.
Sh.
May 24 '07 #8

P: n/a
On May 22, 2:10 pm, shankhar <shankha...@gmail.comwrote:
In my project there is a requirement. If a user logged in at a time
since he/she logged out others are not allowed to loggin using the
same user name. That is to avoid multiple logins using a account. How
to do this?
<snip>

FWIW <http://groups.google.com/group/comp.lang.php/msg/
310fad0eef59415a>

--
<?php echo 'Just another PHP saint'; ?>
Email: rrjanbiah-at-Y!com Blog: http://rajeshanbiah.blogspot.com/

May 28 '07 #9

P: n/a
On May 22, 2:10 pm, shankhar <shankha...@gmail.comwrote:
In my project there is a requirement. If a user logged in at a time
since he/she logged out others are not allowed to loggin using the
same user name. That is to avoid multiple logins using a account. How
to do this?
<snip>

FWIW <http://groups.google.com/group/comp.lang.php/msg/
310fad0eef59415a>

--
<?php echo 'Just another PHP saint'; ?>
Email: rrjanbiah-at-Y!com Blog: http://rajeshanbiah.blogspot.com/

May 28 '07 #10

P: n/a
On May 22, 2:10 pm, shankhar <shankha...@gmail.comwrote:
In my project there is a requirement. If a user logged in at a time
since he/she logged out others are not allowed to loggin using the
same user name. That is to avoid multiple logins using a account. How
to do this?
<snip>

FWIW <http://groups.google.com/group/comp.lang.php/msg/
310fad0eef59415a>

--
<?php echo 'Just another PHP saint'; ?>
Email: rrjanbiah-at-Y!com Blog: http://rajeshanbiah.blogspot.com/

May 28 '07 #11

This discussion thread is closed

Replies have been disabled for this discussion.