Bob McConnell wrote:
Web servers can only identify computers, not users. You will need
something else to track which user started a specific application on a
particular computer, probably a fingerprint scanner next to the
keyboard. But that won't prevent someone else from replacing the entity
between the keyboard and the chair after they log in. Plus, it is
unlikely that will be useful in a true multi-user environment. There are
simply too many possible ways to get around your restrictions.

Isn't it simple to associate a single session ID with a username? User logs in, place username and session ID in active users table and invalidate any others for same user. When user accesses page check session ID against entry in active users table. Richard Quadling has it right. This is not complicated, but it sounds like people are making it so. The user identified themselves via login.

Application and Templating Framework for PHP

PHP General Mailing List (
To unsubscribe, visit:

Reply via email to