Here's a couple of suggestions:
window that simply calls one of your scripts that closes the session.
This is not 100% foolproof, however, so you need to come up with a
backup plan, like closing sessions automatically with a batch process in
2) That's easy enough--just store a "unique token" in their session and
in the database when they log in. If, when they come to you with a
particular user id they do not have the right token, then that means
that either (a) somebody is trying to steal a session or (b) two people
have signed on with the same username, in which case you can decide who
gets the boot. This, too, is not a completely foolproof method
(particularly if you don't use SSL), but it's a good starting point.
Hope this helps.
php|architect - The magazine for PHP Professionals
The first monthly worldwide magazine dedicated to PHP programmers
Come visit us at http://www.phparch.com!
On Wed, 2002-11-27 at 20:19, Chris Payne wrote:
> Hi there everyone,
> I have a login system which uses sessions, and when people login it puts
> the date they logged in in their profile and moves their last login date
> over to another field, that works fine, but how can I check if someone has
> logged out via code? In other words, if someone does what they want and
> then just closes the browser without logging out no record is saved, how can
> I tell whether they have logged out / gone from the website ? I need to
> know this for security.
> Which brings me to my next question :-)
> How would I make it so only 1 person can login at any time with any given
> username/password combo? I know I have to track the sessions, but not sure
> how :-(
> Any help would really be appreciated.
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php