Trey Connell writes:
 > Well, this is the basic scenario.
 > 
 > The same userid cannot be logged into the app more than once at any given
 > time.  Also, we want to use a cookie to keep the user from having to explicitly
 > login everytime.

Just some random ideas, not necessarily the ideal solution:

Create an MD5 hash (or some other unique key) when the user logs in,
set this key in the cookie and in the database.

Add a timeout value to the database entry (for example 3 hours, or
whatever).

When a user attempts to log in from a different location check the
timeout.
Alternatively, log the user out from the first session at that point.

Be careful of basing the client information on the IP address. AOL and 
a few other ISPs use rotating proxies so the client IP address can
change from one request to the next.

Michael
-- 
Michael Peppler - Data Migrations Inc. - [EMAIL PROTECTED]
http://www.mbay.net/~mpeppler - [EMAIL PROTECTED] - AIM MPpplr
International Sybase User Group - http://www.isug.com
Sybase on Linux mailing list: [EMAIL PROTECTED]

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to