"Balasubramanyam A" <knowledge.wea...@gmail.com> wrote in message
> I've written a simple application, where users need to login to access the
> features of the application. I want to develop login system such that, if
> user is already logged in, the application should not allow the users to
> login with the same login credentials. How do I accomplish this?
Personally, I have a table for sessions - each time a user logs in, their
session is stored in the table, along with the session_id generated by
session_start(), the userID, the time the session was last active, and an
"active" flag. I use these fields to keep track of the users activity. If
at any point the "active" flag is changed to inactive, the user's session is
destroyed, and they are required to log in again.
What you would do in your case, to only allow the user to be logged in at
one location at any given time would be to automatically change the flag to
'inactive' on all the sessions in the table, associated with that users ID.
Thus, if there is an active session elsewhere, when a new session is
started, all other sessions associated with that ID will be "kicked out".
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php