On 14 May 2010 08:18, Jagdeep Singh <jagsaini1...@gmail.com> wrote:
> Hi All!
> I am looking for a solution, I want a user to do a single Login only on a PC
> .
> E.g. If a User has logged on my website website.com in Internet explorer,
> then he cant login on same website in another browser like Firefox etc with
> same loginid or another.
> Can I trace MAC address of a single machine to solve this issue?
> Or is there a concept of GLOBAL COOKIE / Cross Browser Cookie which will
> work for all browsers in a single machine..
> I hope You will help me out
> Regards
> Jagdeep Singh
> +91 9988009272

Store the session id against the user table when they login if there
is no session id currently stored for the user.

On all secure pages, compare the current session id against the stored
session id for their login.

If they are the same, then this is the same user in the same session.

At this stage, you can regenerate the session id and store a new one
against the user. Essentially making the session id active for a
single page only.

If the sessions are different you can now either ...

1 -Tell the user that you can only have 1 active login per account and
send them back to the home page (ideally an unsecured page where the
browser won't automatically attempt to login by using remembered
2 - Clear the session against the user table and tag the account so
that all instances can be told that only 1 active account per login.
Essentially logging the other user out - not nice but if multiple
logins are in violation of an agreement, then all suffer. It does
allow a "real" user to know that their details are known if they
didn't attempt the second login.

You also need to incorporate a time out to allow the first login to
automatically expire without needing a logout. If you use the same
timeout as the session timeout, then they will sync, but you will need
to update the DB on each page request.

A logout should clear the sessionid and the expiry info from the user table.


Richard Quadling
"Standing on the shoulders of some very clever giants!"
EE : http://www.experts-exchange.com/M_248814.html
EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp
Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731
ZOPA : http://uk.zopa.com/member/RQuadling

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to