0

How can I make my website work like this:

User forgot to logout its account to PC1. Then he goes to PC2 and login the same account he uses to PC1. User successfully logs in to PC2 while its account in PC1 is autamatically logged out.

How is that?

3
Contributors
5
Replies
6
Views
6 Years
Discussion Span
Last Post by rakwel10
1

I think this is usually done by keeping sessions in the DB

logged table
user_id | session_id

When 2nd machine logged in, it overwrites the session_id, so the 1st machine no longer has a related record for its session.

Votes + Comments
useful post
0

Oh I see...
Hmm... my first thought is saving user's IP address that once change, it will logout.
How do you think is that?

0

You could do that, but you'd probably find that your users would get logged out without notice. This is because ISPs frequently change the IPs used by their customers. (This is what I've been led to believe - please correct me if I'm wrong).

IP logging probably wouldn't be the best way to do it.
My suggestion of storing the session_id in the DB should ensure that an user can only use one browser on one machine for one account.

Rem that different browsers on the same machine will have different session ids.

login process:

check user table for username and pw, 

if present check logged table for user_id
   if present overwrite session_id with the current session_id
else 
   add record to logged table (user id and session id)

page navigation:

check user_id and session_id against logged table

if present 
    they are logged in with the rights of that user
else
    they are not logged in (or no longer logged in - forced logout)

You'd need some cleanup process from time to time or your logged table would become ridiculously large. You could use a cron job every midnight to delete every entry that was a day old.


logged tabel:

user_id
session_id
last_activity (this is updated on every page impression)

Edited by diafol: n/a

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.