if a user opens my website url (x.com)
how can I prevent him from opening the same url (x.com) in another tab/window? (another browser is ok)
my application is all ajax, so there are no different links, the content of the page just changes all the time, and I can't have the user do 1 thing in 1 tab and another thing in another under the same sassion.
arcticM
Recommended Answers
Jump to PostHmm, that's interesting :D
I'm sure there are better ways, but I would log the user's IP Address and browser agent on login either in a DB, a session variable or in a separate text file, and every time they try to perform an action, check to see if they …
Jump to PostThere is no good way that I know of to do this. The real question I have is why can't you allow the user to have two instances of the same session open?
I did find a thread on SO that discusses a similar-sounding problem with an interesting solution:
All 6 Replies
adam.adamski.96155
43
Junior Poster
Hmm, that's interesting :D
I'm sure there are better ways, but I would log the user's IP Address and browser agent on login either in a DB, a session variable or in a separate text file, and every time they try to perform an action, check to see if they are already logged on, and if so check that they are using a different browser. However, this is a PHP minded solution, and your page is all Ajax, so maybe a more suitable answer will be found in the ajax forum. Good luck!
dcdruck
11
Light Poster
There is no good way that I know of to do this. The real question I have is why can't you allow the user to have two instances of the same session open?
I did find a thread on SO that discusses a similar-sounding problem with an interesting solution: http://stackoverflow.com/questions/2178604/preventing-multiple-browser-sessions-on-the-same-server-session
arcticM
I was thinking of something simpler like
if(isset($_COOKIE["PHPSESSID"])){
echo "can't open 2nd window";
}else{
//load page
}
but my session doesn't get destroyed for some reason.. even if I logout (and run session_destroy()..)
when I reopen the browser the session still exists..
in php.ini everything seems to be correct
session.auto_start = 0
I even added this before my sesion_start()-
session_set_cookie_params(0);
so I don't feel secure now using sessions for this check..
amy2389
0
Newbie Poster
I think you should be using $_SESSION instead of $_COOKIES. There is slight difference between the two; cookies retain information until deleted whereas sessions retain information till browser is active. Try doing this if it fulfills all your requirements.
arcticM
what can I use instead of the PHPSESSID? there's no such thing as $_SESSION["PHPSESSID"]
adam.adamski.96155
43
Junior Poster
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.