hi friends,


How To Block Parallel Login?
How to block parallel login? How can I block multiple login attempts in to a single account, when that user have already logged in? Like... Yahoo/Hotmail email accounts...

1. When I logged in, using <username: russell> & <password: 123> from <my pc: xunit>
2. Until I logout or close my browser, the system should not allow me to login again from <my pc: xunit> or from any other pc, using same <username> and <password>.

How can I solve my problem?

hi friends,
How To Block Parallel Login?

You can keep a list of who is logged in,
or you can use a cookie.

A session variable won't do it because each
session would have its own value.

You can keep a list of who is logged in,
or you can use a cookie.

A session variable won't do it because each
session would have its own value.

Cookie will not help at all because a second login attempt may come from a different browser.

You just need a database table where you keep the data about logged-in users like username, login_time, browser, ip_address

You can always check against this table before you let a user to login.

Some issues have to be worked out like what if user logged in but then closed his browser. His login details will still be stored in the database while technically he is no longer logged in.

So if a user has not logged out using a logout link, it's hard to know if the user is still on your site or not.

hi,

thanks for the url, i didn't got any information in that site.

i can implement that in this way:


create a database for users.

when user logs in i will make an entry in my table.
when user logs out i will delete that entry.

the problem is when user closes the site using Alt + f4 or close group. the entry in table remains. and user can't login again.

any suggestion for this. or sample code which does this task.

Regards
akash

There is a way to deal with client closing a browser or just leaving the site. Use javascript and define onUnload() that would call your script via Ajax to notify your server that client is leaving, so your script can update the session table and mark that client as logged-out.

Call logout.php
I am assuming that you have written code for deletion in logout.php

define onUnload()
{
window.location ='logout.php';
}
This article has been dead for over six months. Start a new discussion instead.