> hi guys i have an authentication class , there is one last big issue to > fix , i am trying to prevent multiple logins , it does this ok except , > the > first login gets kicked instead of the second one , i have a last_login > date entry to work with , what else should i have so on the login check if > the user is logged in , there is an issue using the logged in feature , ok > u give it an interval of say 2 hours , this may prevent that person > reloggin in for two hours right ?? :| , or say its a few minutes , i can > log bak in after a few minutes and still kick the first login, what are my > options
I generally keep it like this, so that the first user is logged out. This way the user is alerted that someone has "hijacked" their account and they can act upon it. If you do it another way so that the first person remains logged on and the second user is denied access, you'll just need some extra flags in the database. Set a "logged_on" column when the user logs on and if another user tries to use the same name and the "logged_on" column is set, deny them. The issue you'll run into with this though, is how do you know someone is logged off? Sure, some people may use the log off button, but others will not. So you have to come up with a "timeout" script. What if I accidentally close my browser and come back to log in? The system will not let me because I'm still "logged_in" until X minutes pass. Also with this method, you need to keep track of these attempted log ins and somehow alert the first user. Hope that helps. ---John W. Holmes... Amazon Wishlist: http://www.amazon.com/o/registry/3BEXC84AB3A5E PHP Architect - A monthly magazine for PHP Professionals. Get your copy today. http://www.phparch.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
