Dear ken,
Is this possible to avoid modifiying the database schema?
I am not using sfGuardUserPlugin but I am thinking like this:
1. Somebody logins
2. His login id (member id) and password are first checked and they are
correct
3. An attribute member_id is set to his member id in the session
4. He forgot to logout and later logins in another computer or same computer
but different browser
5. His login id (member id) and password are first checked and they are
correct
6. Scan for all sessions and check if there is one having member_id
attribute set to his member id
7. If there is one, kill that old session
8. A session attribute member_id is set to his member id in the new session
Is this solution feasible? But I don't know how to do steps 6-7.
----- Original Message -----
From: "ken" <marfillas...@gmail.com>
To: "symfony users" <symfony-users@googlegroups.com>
Sent: Thursday, January 28, 2010 11:15 PM
Subject: [symfony-users] Re: Making sure a login id only has one session at
any moment
The best solution for this is use database session. Add session_id
column in the Profile table. This field has to be set during login. So
if you are using sfGuardUserPlugin, you can override the signIn method
in myUser. With the session_id at hand you will be able to check if
user is signed in in another machine via the Session table.
You will also need to take account of the remote host.
On Jan 28, 10:15 pm, DEEPAK BHATIA <toreachdee...@gmail.com> wrote:
I think you can set a field in database setting login status to true.
Now if the person again logs in and you find from database, you can
take him to the logout screen/error screen.
On Thu, Jan 28, 2010 at 7:27 PM, Tom Ptacnik <to...@tomor.cz> wrote:
> Why do you want to kill his old session?
> On 28 led, 04:21, "yth" <digital_...@yahoo.com.hk> wrote:
>> Dear all,
>> When a user logins, the controller calls the following function in the
>> myUser.class. The problem is, if he doesn't logout but then logins in
>> another computer/browser, the old session does not get killed. I tried
>> to
>> use setAuthenticated(false) on users who have already authenticated,
>> hoping
>> that his old session will get killed before he gets a new one. But it
>> doesn't work.
>> Many thanks to you all.
>> // Viewable inhttp://pastebin.com/f765fff66
>> public function login($loginId,$pwd){
>> $member=MemberPeer::getByLoginIdAndPassword($loginId,$pwd);
>> if(!is_null($member)) {
>> if($this->isAuthenticated())
>> $this->setAuthenticated(false); // I would like to
>> logout the user if he/she already has a session, but it doesn't work
>> $this->setAuthenticated(true);
>> $member->setLastLoginAt(time());
>> $member->save();
>> $this->setAttribute('member_id', $member->getMemberId());
>> return true;
>> }
>> return false;
>> }
> --
> You received this message because you are subscribed to the Google
> Groups "symfony users" group.
> To post to this group, send email to symfony-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> symfony-users+unsubscr...@googlegroups.com.
> For more options, visit this group
> athttp://groups.google.com/group/symfony-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
"symfony users" group.
To post to this group, send email to symfony-us...@googlegroups.com.
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en.
__________ NOD32 4813 (20100128) Information __________
This message was checked by NOD32 antivirus system.
http://www.eset.com
--
You received this message because you are subscribed to the Google Groups "symfony
users" group.
To post to this group, send email to symfony-us...@googlegroups.com.
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en.
