On May 22, 2010, at 3:37 PM, Robert Cummings wrote:

This was beaten to death last week. The solution is not possible because it's not about restricting a single user from logging over multiple machines, it about restricting a single computer to only one session (so running IE, Firefox, Opera, Safari on same computer with different users would not be allowed).


Karl DeSaulniers wrote:
Yeah. Don't be concerned about which browser. Just set up an active users table in your database that gets checked at login. Then it doesn't matter which machine or browser. Unless you know that the computers are giving the true ip, there is no way to keep a user from logging in with two account on the same computer. Otherwise add the active users ip to the active users table and check it as well on login
Easy peasey
Sent from losPhone
On May 22, 2010, at 12:34 AM, Gautam Bhatia <mail2gautambha...@gmail.com> wrote:
On Friday 14 May 2010 12:48 PM, Jagdeep Singh wrote:
Hi All!

I am looking for a solution, I want a user to do a single Login only on a PC

E.g. If a User has logged on my website website.com in Internet explorer, then he cant login on same website in another browser like Firefox etc with
same loginid or another.

Can I trace MAC address of a single machine to solve this issue?

Or is there a concept of GLOBAL COOKIE / Cross Browser Cookie which will
work for all browsers in a single machine..

I hope You will help me out


Jagdeep Singh
+91 9988009272

hi Jagdeep,
                I am not really sure , i got your question right but
there is something you can try if this helps, in the mysql dbase add
field like "loggedIn" , which can be true/false, when person logs in
change it to true , so even if the person is using other browser, you can check the value from dbase, if user is already logged in or not. If
that makes sense to you , good luck.

Gautam Bhatia

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

E-Mail Disclaimer: Information contained in this message and any
attached documents is considered confidential and legally protected.
This message is intended solely for the addressee(s). Disclosure,
copying, and distribution are prohibited unless authorized.

Sorry for the top posting.

Ah, I see. Don't mean to beat a dead horse.
I still stand by my suggestion though.
If you record the username and ip in an active user table,
then set a cookie on the computer that is cross referenced with the ip and username,
you will have a little better check system.

Also, if you set a fall back that say checks to see if the cookie is being reset or set for the first time or if the cookie has been deleted, you can kick them. Set the cookie to expire and be reset while in session to check to see if it changes while the user is logged in.

Basically, if you check for log-in status from the active user table and cross reference the ip, it will probably cover say 75% of the cases. Using the cookie and putting strict requirements for the cookie to have been pre-existing with the right ip or if it is being set for the first time, you will have a little more control. Plus you could create a blob of ips that is referenced with each username that can be cross referenced to see if a user has multiple ip sets or if two users have a similar ip. Thus a little more granular control on the computers accessing your site.

But like having an expensive painting in your house,
if the thief is going to put that much work in to get it, chances are they will.
Just make sure its insured. :)

Karl DeSaulniers
Design Drumm

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to