On Tue, Jul 16, 2002 at 01:57:51PM -0400, Monty wrote:
> Is there a standard method in PHP for preventing multiple people from using
> the same log-in username/password simultaneously on a membership site? Any
> suggestions are greatly appreciated.
My session management system uses a database backend. Each hit updates a
timestamp in the database, among other things. If the time of the new hit
is too long since the last hit, it denies access.
Now, if a person logs in again and their User ID is in the session table,
that means either their old session timed out or they're being hijacked.
Either way, terminate the old session and move what they were doing into
the new session.
THEN, if the person in the first session is still browsing, they'll get a
message saying their session was terminated. They'll be prompted for a
login. That successful login will terminate the second session.
--Dan
--
PHP classes that make web design easier
SQL Solution | Layout Solution | Form Solution
sqlsolution.info | layoutsolution.info | formsolution.info
T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
