This is my solution. shema http://gist.github.com/289418
myUser http://gist.github.com/289424 then insert this filter before the security filter http://gist.github.com/289425 On Jan 29, 12:31 am, "yth" <digital_...@yahoo.com.hk> wrote: > Dear ken, > > Is this possible to avoid modifiying the database schema? > I am not using sfGuardUserPlugin but I am thinking like this: > > 1. Somebody logins > 2. His login id (member id) and password are first checked and they are > correct > 3. An attribute member_id is set to his member id in the session > 4. He forgot to logout and later logins in another computer or same computer > but different browser > 5. His login id (member id) and password are first checked and they are > correct > 6. Scan for all sessions and check if there is one having member_id > attribute set to his member id > 7. If there is one, kill that old session > 8. A session attribute member_id is set to his member id in the new session > > Is this solution feasible? But I don't know how to do steps 6-7. > > > > ----- Original Message ----- > From: "ken" <marfillas...@gmail.com> > To: "symfony users" <symfony-users@googlegroups.com> > Sent: Thursday, January 28, 2010 11:15 PM > Subject: [symfony-users] Re: Making sure a login id only has one session at > > any moment > > The best solution for this is use database session. Add session_id > column in the Profile table. This field has to be set during login. So > if you are using sfGuardUserPlugin, you can override the signIn method > in myUser. With the session_id at hand you will be able to check if > user is signed in in another machine via the Session table. > > You will also need to take account of the remote host. > > On Jan 28, 10:15 pm, DEEPAK BHATIA <toreachdee...@gmail.com> wrote: > > I think you can set a field in database setting login status to true. > > Now if the person again logs in and you find from database, you can > > take him to the logout screen/error screen. > > > On Thu, Jan 28, 2010 at 7:27 PM, Tom Ptacnik <to...@tomor.cz> wrote: > > > Why do you want to kill his old session? > > > > On 28 led, 04:21, "yth" <digital_...@yahoo.com.hk> wrote: > > >> Dear all, > > > >> When a user logins, the controller calls the following function in the > > >> myUser.class. The problem is, if he doesn't logout but then logins in > > >> another computer/browser, the old session does not get killed. I tried > > >> to > > >> use setAuthenticated(false) on users who have already authenticated, > > >> hoping > > >> that his old session will get killed before he gets a new one. But it > > >> doesn't work. > > > >> Many thanks to you all. > > > >> // Viewable inhttp://pastebin.com/f765fff66 > > > >> public function login($loginId,$pwd){ > > > >> $member=MemberPeer::getByLoginIdAndPassword($loginId,$pwd); > > > >> if(!is_null($member)) { > > > >> if($this->isAuthenticated()) > > >> $this->setAuthenticated(false); // I would like to > > >> logout the user if he/she already has a session, but it doesn't work > > > >> $this->setAuthenticated(true); > > >> $member->setLastLoginAt(time()); > > >> $member->save(); > > >> $this->setAttribute('member_id', $member->getMemberId()); > > > >> return true; > > >> } > > >> return false; > > > >> } > > > > -- > > > You received this message because you are subscribed to the Google > > > Groups "symfony users" group. > > > To post to this group, send email to symfony-us...@googlegroups.com. > > > To unsubscribe from this group, send email to > > > symfony-users+unsubscr...@googlegroups.com. > > > For more options, visit this group > > > athttp://groups.google.com/group/symfony-users?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "symfony users" group. > To post to this group, send email to symfony-us...@googlegroups.com. > To unsubscribe from this group, send email to > symfony-users+unsubscr...@googlegroups.com. > For more options, visit this group > athttp://groups.google.com/group/symfony-users?hl=en. > > __________ NOD32 4813 (20100128) Information __________ > > This message was checked by NOD32 antivirus system.http://www.eset.com -- You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-us...@googlegroups.com. To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en.