How to restrict multiple login using a single account.
This is a discussion on How to restrict multiple login using a single account. within the PHP Language forums, part of the PHP Programming Forums category; Hi all, In my project there is a requirement. If a user logged in at a time since he/she ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
05-22-2007
|
|||
|
|||
How to restrict multiple login using a single account.
Hi all,
In my project there is a requirement. If a user logged in at a time since he/she logged out others are not allowed to loggin using the same user name. That is to avoid multiple logins using a account. How to do this? I had got a idea and implemented. 1. When a user logs in storing the username, ip, login time to db. 2. When a User logs in i'll check the table whether the username exists in the table or not if yes i'll not allow the user to login else i'll allow to loggin. 3. When he logs out i'll delete the record from the table. Then he/ she can login again. But there is a problem in this the user can close the browser directly or right click in the taskbar and close it or by pressing Alt + F4. So for this i have to catch the things in Javascript and trigger the logout. Is is possible to catch the events in Javascript, if yes please provide me. Or Is there any other method to restrict multiple login using single account. Thanx in advance. Shankhar 
|
|
05-22-2007
|
|||
|
|||
|
Re: How to restrict multiple login using a single account.
shankhar wrote:
> Hi all, > > In my project there is a requirement. If a user logged in at a time > since he/she logged out others are not allowed to loggin using the > same user name. That is to avoid multiple logins using a account. How > to do this? > > I had got a idea and implemented. > > 1. When a user logs in storing the username, ip, login time to db. > 2. When a User logs in i'll check the table whether the username > exists in the table or not if yes i'll not allow the user to login > else i'll allow to loggin. > 3. When he logs out i'll delete the record from the table. Then he/ > she can login again. > > But there is a problem in this the user can close the browser directly > or right click in the taskbar and close it or by pressing Alt + F4. So > for this i have to catch the things in Javascript and trigger the > logout. > > Is is possible to catch the events in Javascript, if yes please > provide me. > > Or Is there any other method to restrict multiple login using single > account. > > Thanx in advance. > > Shankhar > There's no way to tell if the user closed his browser. Or turned off his computer, unplugged from his network or any of a number of things. You can use a short timeout, i.e. 15 minutes, and if they don't do something in that time period their session gets deleted. But one of the ones I like best is if one person logs on while another one is using that account, the first one is logged out automatically. It gets to be very annoying - and they soon stop sharing their account info with others. -- ================== Remove the "x" from my email address Jerry Stuckle JDS Computer Training Corp. jstucklex@attglobal.net ==================
|
|
05-23-2007
|
|||
|
|||
|
Re: How to restrict multiple login using a single account.
When a user logs in or clicks an option in their account, store the
current time in a database, if someone tries to log on to the same account, check to see if the last action they made was in the last 15 minutes. If it is, deny access. When the user clicks on logout, reset the time in the database. this way, if someone does close their browser then all they have to do is wait 15 minutes, and whilst the user is actively using their account, no-one else will be able to log in.
|
|
05-23-2007
|
|||
|
|||
|
Re: How to restrict multiple login using a single account.
Jerry has the right idea.
Having the user session time out is fine - but can be counter productive. Having the user logged out if someone else logs in is a good way to go since it alerts the user someone else has access to their account. Blizzard does that :) On May 22, 3:13 am, Jerry Stuckle <jstuck...@attglobal.net> wrote: > shankhar wrote: > > Hi all, > > > In my project there is a requirement. If a user logged in at a time > > since he/she logged out others are not allowed to loggin using the > > same user name. That is to avoid multiple logins using a account. How > > to do this? > > > I had got a idea and implemented. > > > 1. When a user logs in storing the username, ip, login time to db. > > 2. When a User logs in i'll check the table whether the username > > exists in the table or not if yes i'll not allow the user to login > > else i'll allow to loggin. > > 3. When he logs out i'll delete the record from the table. Then he/ > > she can login again. > > > But there is a problem in this the user can close the browser directly > > or right click in the taskbar and close it or by pressing Alt + F4. So > > for this i have to catch the things in Javascript and trigger the > > logout. > > > Is is possible to catch the events in Javascript, if yes please > > provide me. > > > Or Is there any other method to restrict multiple login using single > > account. > > > Thanx in advance. > > > Shankhar > > There's no way to tell if the user closed his browser. Or turned off > his computer, unplugged from his network or any of a number of things. > > You can use a short timeout, i.e. 15 minutes, and if they don't do > something in that time period their session gets deleted. > > But one of the ones I like best is if one person logs on while another > one is using that account, the first one is logged out automatically. > It gets to be very annoying - and they soon stop sharing their account > info with others. > > -- > ================== > Remove the "x" from my email address > Jerry Stuckle > JDS Computer Training Corp. > jstuck...@attglobal.net > ==================
|
|
05-24-2007
|
|||
|
|||
|
Re: How to restrict multiple login using a single account.
"PK006" <admin@pro-webs.co.uk> wrote in message
news:1179942552.732655.249660@w5g2000hsg.googlegro ups.com... > this way, if someone does close their browser perhaps even by mistake > then all they have to do is sit around doing absolutely nothing while they > wait 15 minutes, and whilst the user is actively using their > account, no-one else will be able to log in. I hope these people are not being paid by the hour :-) If some "project" did this to me I'd complain right up to the managing director to get it "fixed". -- Richard.
|
|
05-24-2007
|
|||
|
|||
|
Re: How to restrict multiple login using a single account.
Hi Shankhar
One way is to make sessiontimeout for 15 min and change show a dialog to user that is u wantto continue like that......if no response than change the status in db to notactive and give a chance to other..
|
|
05-24-2007
|
|||
|
|||
|
Re: How to restrict multiple login using a single account.
On May 22, 11:10 am, shankhar <shankha...@gmail.com> wrote:
> Hi all, > > In my project there is a requirement. If a user logged in at a time > since he/she logged out others are not allowed to loggin using the > same user name. That is to avoid multiple logins using a account. How > to do this? > > I had got a idea and implemented. > > 1. When a user logs in storing the username, ip, login time to db. > 2. When a User logs in i'll check the table whether the username > exists in the table or not if yes i'll not allow the user to login > else i'll allow to loggin. > 3. When he logs out i'll delete the record from the table. Then he/ > she can login again. > > But there is a problem in this the user can close the browser directly > or right click in the taskbar and close it or by pressing Alt + F4. So > for this i have to catch the things in Javascript and trigger the > logout. > > Is is possible to catch the events in Javascript, if yes please > provide me. > > Or Is there any other method to restrict multiple login using single > account. > > Thanx in advance. > > Shankhar There's the DOM event document.onunload. Maybe you could use it to send an ajax request that terminates the session. But it don't really know how reliable this would be. Good luck
|
|
05-24-2007
|
|||
|
|||
|
Re: How to restrict multiple login using a single account.
At Wed, 23 May 2007 23:57:34 -0700, carrion let his monkeys type:
> On May 22, 11:10 am, shankhar <shankha...@gmail.com> wrote: >> Hi all, >> >> In my project there is a requirement. If a user logged in at a time >> since he/she logged out others are not allowed to loggin using the >> same user name. That is to avoid multiple logins using a account. How >> to do this? >> >> I had got a idea and implemented. >> >> 1. When a user logs in storing the username, ip, login time to db. >> 2. When a User logs in i'll check the table whether the username >> exists in the table or not if yes i'll not allow the user to login >> else i'll allow to loggin. >> 3. When he logs out i'll delete the record from the table. Then he/ >> she can login again. >> >> But there is a problem in this the user can close the browser directly >> or right click in the taskbar and close it or by pressing Alt + F4. So >> for this i have to catch the things in Javascript and trigger the >> logout. >> >> Is is possible to catch the events in Javascript, if yes please >> provide me. >> >> Or Is there any other method to restrict multiple login using single >> account. >> >> Thanx in advance. >> >> Shankhar > > There's the DOM event document.onunload. > Maybe you could use it to send an ajax request that terminates the > session. > But it don't really know how reliable this would be. > > Good luck Only effective if the user closes the page && has Javascript enabled. Net outage, app or pc crash, cable disconnect, etc etc. won't be handled correctly. Just face the fact web apps have stateless user connections. I haven't seen a failsafe mechanism yet. Nowhere. (Except those using one-time key devices or keyculators) Simplest is (as suggested by others) when (a) user logs in using a given set of credentials, immediately close any open session matching them and inform about a new login from another address and offer the option to have their password reset and sent by mail. If they choose that option, block the other opened session as well. In case their creds were obtained without their approval, they ought to be pleased to find out their account details were nicked and should be changed immediately. Sh.
|
|
05-28-2007
|
|||
|
|||
|
Re: How to restrict multiple login using a single account.
On May 22, 2:10 pm, shankhar <shankha...@gmail.com> wrote:
> In my project there is a requirement. If a user logged in at a time > since he/she logged out others are not allowed to loggin using the > same user name. That is to avoid multiple logins using a account. How > to do this? <snip> FWIW <http://groups.google.com/group/comp.lang.php/msg/ 310fad0eef59415a> -- <?php echo 'Just another PHP saint'; ?> Email: rrjanbiah-at-Y!com Blog: http://rajeshanbiah.blogspot.com/
|
|
05-28-2007
|
|||
|
|||
|
Re: How to restrict multiple login using a single account.
On May 22, 2:10 pm, shankhar <shankha...@gmail.com> wrote:
> In my project there is a requirement. If a user logged in at a time > since he/she logged out others are not allowed to loggin using the > same user name. That is to avoid multiple logins using a account. How > to do this? <snip> FWIW <http://groups.google.com/group/comp.lang.php/msg/ 310fad0eef59415a> -- <?php echo 'Just another PHP saint'; ?> Email: rrjanbiah-at-Y!com Blog: http://rajeshanbiah.blogspot.com/
|
Linear Mode
