473,387 Members | 1,863 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > how to restrict multiple login in a time?

Join Bytes to post your question to a community of 473,387 software developers and data experts.

How to restrict multiple login in a time?

I want to make sure all users those login are different in a time either on the same or different computer or web browser. Following are sample of my program which consist 4 different pages;

[PHP]
#users.php

$users = array(
'user1' => md5('password1'),
'user2' => md5('password2')
);
$salt = substr(md5(date('F')), 8);
[/PHP]

[PHP]
<?php
#login.php

if($_SERVER['REQUEST_METHOD'] == 'POST')
{
if(!ereg('^[A-Za-z0-9]', $_POST['username']))
{
exit('<p>Invalid characters in the username.</p>');
}
else
{
$username = $_POST['username'];
$password = md5($_POST['password']);

require('users.php');

if(array_key_exists($username, $users))
{
//the username exists
//compare the submitted password to value of the array key (the right password)
if($password == $users[$username])
{
//password is correct
session_start();
$_SESSION['usr'] = $username;
$_SESSION['loggedin'] = md5($username.$password.$salt);
setcookie(session_name(), $_COOKIE[session_name()], time()+7200, '/');
header('Location: home.php');
exit;
}
else
{
exit('<p>Invalid password.</p>');
}
}
else
{
exit('<p>Invalid username.</p>');
}
}
}
?>
<html>
<head>
<title>Login Form</title>
</head>

<body>
<form method="post" action="login.php">
Username: <input type="text" name="username"><br />
Password: <input type="password" name="password"><br />
<input type="submit" name="submit" value="Login">
</form>
</body>
</html>
[/PHP]

[PHP]
#check.php

session_start();

if(!isset($_SESSION['loggedin']))
{
header('Location: login.php');
exit;
}
else
{
//the session variable exists, check it's valid:
require('users.php');
$userexists = false;

foreach($users as $username => $password)
{
if(md5($username.$password.$salt) == $_SESSION['loggedin'])
{
$userexists = true;
}
}

if($userexists !== true)
{
exit('<p>Invalid session: please <a href="login.php">login</a>.</p>');
}
}
[/PHP]

[PHP]
<?php
require('check.php');
?>
<html>
<head>
<title>User Home Page</title>
</head>

<body>
<p><a href="logout.php">Logout</a></p>
<p>Your username is : <?php echo $_SESSION['usr'] ?></p>
</body>
</html>
[/PHP]
Oct 29 '07 #1
12 3546
Please help me! I currently got stuck. Is it possible to register different session_id() for each different user?
Oct 29 '07 #2
I've tried this code and put in login.php. But the problem happened is when i login more than one account either an account will replace all the registered account. I really don't know what i'am gonna do right now. I really need ur help.

[PHP]
#login.php

session_start();

$i = 0;
$_SESSION['sess'] = array();

if(sizeof($_SESSION['sess'])==0)
{
$_SESSION['sess'][$i] = session_id();
$i++;
}
else
{
session_regenerate_id();
$_SESSION['sess'][$i] = session_id();
$i++;
}

foreach($_SESSION['sess'] as $sess)
{
$_SESSION['usr'] = $username;
$_SESSION['loggedin'] = md5($username.$password.$salt);
setcookie(session_name(), $sess, time()+7200, '/');
header('Location: home.php');
exit;
}
[/PHP]
Oct 30 '07 #3
nathj
938 Expert 512MB
Hi,

I would use a far simpler approach to preventing mutliple logins from one user.

Assuming that the user details are stored in a database you could, on login store the IP address of the computer they logged in on, or simply set a flag to indicate they have logged in and the session ID.

Then should a second login request come along with the same credentials you can test the flag to see if they are already logged in. If they are then you can kill the previous session and start again or inform them that they are still logged in elsewhere.

That's the approach I take to this problem.

Cheers
nathj
Oct 30 '07 #4
Hi nathj, thanks for ur appreaciate... Actaully I want to make a login for portal but I has no idea where to start. Can u give me some simpler example to do that..thanks
Oct 30 '07 #5
nathj
938 Expert 512MB
Hi nathj, thanks for ur appreaciate... Actaully I want to make a login for portal but I has no idea where to start. Can u give me some simpler example to do that..thanks
Hi Fareast Adam,

If it's a login portal you're after then it's fairly straight forward. The protal is basically a form with 3 controls on it:
2 input boxes - one type text and one type password and 1 submit button.

The text boxes take the username and password and the button submits the form so that the details can be checked.

It is on this second page, the target page, that ou check the details against the database and see if the user is already logged in.

Does that make more sense?

Cheers
nathj
Oct 30 '07 #6
Actually I have using database to keep all user information such as username and password. These program are just sample only. I think i have problem on page check.php where i will include check.php in every pages as in page home.php. The problem is when I login on second time the first account will be replaced to the other new account. I am not know what i'am wrong. Please help me, I'am really need you help.

Fareast Adam
Oct 30 '07 #7
Is it guess sufficient if I use the following code to examine uer session whose registered? I put on the top on every pages...

[PHP]
require('check.php');
[/PHP]
Oct 30 '07 #8
nathj
938 Expert 512MB
Is it guess sufficient if I use the following code to examine uer session whose registered? I put on the top on every pages...

[PHP]
require('check.php');
[/PHP]
I have a site, currently in development only, where I do just that. I have the code included at the top of every page and this checks if the user is logged in. If they are it displays their name otherwise it gves the login form.

The trouble with this is that if they do not log out and go to another computer and log in again they will be logged in twice. This is why you need some way of killing a session or preventing them from logging in again.

But generally, if they are logged in don't give them the log in form so that they cannot log in again on the same computer.

Cheers
nathj
Oct 30 '07 #9
But what about genereting a new session_id() for each new different user's account such as this;

[PHP]
#login.php
session_start();

$_SESSION['usr'] = $username;
$_SESSION['loggedin'] = md5($username.$password.$salt);
if(session_id()=='')
{
setcookie(session_name(), session_id(), time()+7200, '/');
}
else
{
session_regenerate_id();
setcookie(session_name(), session_id(), time()+7200, '/');
}
header('Location: home.php');
exit;
[/PHP]
Oct 30 '07 #10
nathj
938 Expert 512MB
I've never bothered with this. I just let the server handle that. I haven't noticed any issues during my initial testing but perhaps it is something I will need to look into in the future.

Cheers
nathj
Oct 30 '07 #11
Anyway thank nathj for ur time and idea! I sense that i must try another method also.

Fareast Adam;
Oct 30 '07 #12
I have try using session live time to kill the session within 2 hours to prevent forgot logout something like this; Thanks again

[PHP]
#session live time is 2 hours
setcookie(session_name(), $_COOKIE[session_name()], time()+7200, '/');
[/PHP]


Fareast adam
Oct 30 '07 #13

Sign in to post your reply or Sign up for a free account.

Similar topics

10
Restrict selection on form - How?
by: Terabyte | last post by:
I have a client that wants me to create a form that will contain about 50 condo listings. He wants me to place a restriction on the form as to the number of Condo listings a user can...
HTML / CSS
3
Restrict Access Problem
by: Paul | last post by:
Hi all, at present I I've built a website which can be updated by admin and users. My problem, I've combined "log in" and "access levels" to restrict access to certain pages, using the built...
ASP / Active Server Pages
2
Restrict Multiple Logins
by: Sudheer | last post by:
Hi All, We need to restrict multiple users login to the system. If one user is online with one userID, we need to show the message "This user already logs in to the system" to the other user who...
ASP.NET
2
How can I restrict that the some ID can only login once in the some time
by: ad | last post by:
I use Login control's Authenticate event to authenticate use. I find that different users can use the same ID to login in the same time. How can I restrict that the some ID can only login once in...
ASP.NET
9
Asp.Net 2.0 Multiple Application Solutions
by: Graham | last post by:
I have been having some fun learning and using the new Controls and methods in .Net 2.0 which will make my life in the future easier and faster. Specifically the new databinding practises and...
ASP.NET
5
How to Restrict Unauthorized Downloads
by: Prabhat | last post by:
Hi All, I have a website setup which also provide ability to download latest version of our Software by logging into the webpage. All latest softwares (ONLY ONE FILE .EXE for each Software) are...
ASP / Active Server Pages
18
REQ Been racking my brain trying to figure out how to prevent multiple login with same username
by: Gleep | last post by:
I've searched google intensely on this topic and it seems noone really knows how to approch this. The goal I don't want clients to give out their usernames and passwords to friends, since the site...
PHP
10
How to restrict multiple login using a single account.
by: shankhar | last post by:
Hi all, In my project there is a requirement. If a user logged in at a time since he/she logged out others are not allowed to loggin using the same user name. That is to avoid multiple logins...
PHP
17
Restrict multiple logins with single username at sametime in ms access
by: yuvang | last post by:
Hi all I have a mdb with login name and password form. There are several login names, i defined through a table "User_login". Here the problem is at a time a single user is able to login in...
Microsoft Access / VBA
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!