Here is a possible solution, but I don't know if it will work for your purposes:
When a user logs in to your site, as part of the session store a random string (say a logincheck). Also insert this value into the database on the same row as the username/password is stored. Then on every page load check and make sure that "logincheck" string is valid. If someone tries to login again, the new "logincheck" will be stored in the database, and thus will make the first session invalid. The only drawback to this approach is that it logs out the first user, and doesn't notify the second user they shouldn't be logging in twice. It still does the job of allowing only one login per user quite effectively though. Jeremy On Tue, 2003-09-23 at 17:38, Ney André de Mello Zunino wrote: > Hello. > > Is there any facility in PHP's session management library which allows > one to have a full view of the active sessions? In other words, is it > possible to check the existance and value of a given session variable in > any of the active sessions? > > My goal is to make sure a user's access information is not used more > than once to log into the system. So, when a user submits the > authentication data, I would like to see if that login has already been > used, i.e., there is a session variable in some session storing the > login name and which contains the same value. > > At present, I can't think of another way of doing it other than directly > accessing the session files on /tmp (assuming session data is being > stored in files). But I don't like that idea quite so much. A cleaner > solution which I have also considered is to have a column in the users > table which indicates his login state. Before I go for the latter > approach, I would just like to learn from you whether what I asked is > possible. > > Thanks in advance, > > -- > Ney André de Mello Zunino -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
