Trey Connell writes:
> Well, this is the basic scenario.
>
> The same userid cannot be logged into the app more than once at any given
> time. Also, we want to use a cookie to keep the user from having to explicitly
> login everytime.
Just some random ideas, not necessarily the ideal solution:
Create an MD5 hash (or some other unique key) when the user logs in,
set this key in the cookie and in the database.
Add a timeout value to the database entry (for example 3 hours, or
whatever).
When a user attempts to log in from a different location check the
timeout.
Alternatively, log the user out from the first session at that point.
Be careful of basing the client information on the IP address. AOL and
a few other ISPs use rotating proxies so the client IP address can
change from one request to the next.
Michael
--
Michael Peppler - Data Migrations Inc. - [EMAIL PROTECTED]
http://www.mbay.net/~mpeppler - [EMAIL PROTECTED] - AIM MPpplr
International Sybase User Group - http://www.isug.com
Sybase on Linux mailing list: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
