Solved

How can I restrict one login per user...

Posted on 2001-08-02
18
500 Views
Last Modified: 2013-12-24
Let's say that user#1 wants to login using 'login' and 'password'.

The way that I have my login script working is that as many people can login at the same time using the same login name and password.

How do I restrict that to one login per session?
0
Comment
Question by:webmaster256
  • 7
  • 4
  • 2
  • +4
18 Comments
 
LVL 14

Expert Comment

by:SBennett
Comment Utility
If you add a column to your table called "Is_Logged_In", then you can enter a positive boolean value in "Is_Logged_In" column when the user logs in. then if he or someone else tries to log in using the same userid\password you will know if the userid/password is being used.
The tricky part about this is that the user must also log out to set the "Is_Logged_In" value back to a negative boolean value. And as we know, people don't always do what they are supposed to and if they didn't log out then they can't log back in because the database thinks they are still logged in.
Therefore you must also add another column named "Login_Date_Time", in this colum you enter the date\time that the user logged in. then you have a stored procedure that runs as often as you like to check how long people have been logged in. Choose a length of time that you know is too long for the person to be logged in. For this example situation we will say that the average session time for users on your site is half an hour. you can then set your stored procedure to find all the records with a positive boolean log in value that have been logged in for 2 hrs and update the "Is_Logged_In" column to a negative boolean value.

Does that make sense?

There are probably other ways to do it as well, but this is the first I could think of.

-Scott
0
 

Author Comment

by:webmaster256
Comment Utility
0
 

Author Comment

by:webmaster256
Comment Utility
What happened? I typed in a whole bunch of text, and it did not display!!!
0
 

Author Comment

by:webmaster256
Comment Utility
0
 

Author Comment

by:webmaster256
Comment Utility
Well, it does not want to display my code...

So how the heck am I supposed to get some help here when people cannot see my code?


Gordon
0
 
LVL 14

Expert Comment

by:SBennett
Comment Utility
sometimes EE is wierd like that. I've had trouble posting code in that past and usuall i can get around it by adding some more text to the beginning like an intro comment. or just reformatting the carriage returns and stuff.
0
 

Author Comment

by:webmaster256
Comment Utility
Well, it does not want to display my code...

So how the heck am I supposed to get some help here when people cannot see my code?


Gordon
0
 
LVL 19

Expert Comment

by:cheekycj
Comment Utility
try posting now.. I think EE just fixed its problems.

CJ
0
 

Expert Comment

by:MikeForbes
Comment Utility
If yo want to restrict a user from logging in more than once, I would start with making sure you are setting up a Session variable that carries the user name with them upon successfull login.  Then I would add code in your login script to also check if the login(user name) EQ the Session login name.  If it does, display a message that the username/combo is being used and/or re-route them back to the login screen.

I wouldn't necessarily go the database route, because you have much un-nucessary server calls and overhead.

Give it a try,

Mike
0
Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

 
LVL 14

Expert Comment

by:SBennett
Comment Utility
Mike,

The object of the question at hand is to stop multiple people (Potentialy on different computers) from logging in under the same username/password at the same time.
I don't see how this can be done by simply checking against the session scope.
0
 
LVL 6

Expert Comment

by:dash420
Comment Utility
Simple solution is added one fields in the your user validation table , some thing like is_login.


is_login char(1) default 'N'

while user login in get the user logs, so just run a query while submiting the form

something like

<cfquery name="qry_islogin" datasource="dsn">
  select is_login
  from your table
  where key(assume user_id) = '#cgi.remote_user#'
</cfquery>

<cfset login = #qry_islogin.is_login#>

<cfif login is "N">
    url.location "suceess fully login"
    called some template (run the query) that will
    update this user_id in ur table as "Y"
<cfelse>
    Gives soory message
</cfif>

while logout make taht fellow "N" again


 




0
 
LVL 14

Expert Comment

by:SBennett
Comment Utility
Dash,

That is the same suggestion i gave.

-Scott
0
 
LVL 5

Expert Comment

by:Yog
Comment Utility
this way , you see i can register twice, have 2 ids and login twice lol...

you got to think of force using cookies only
0
 
LVL 6

Expert Comment

by:dash420
Comment Utility
But I my mind in an organisation no user have more than one user id.

:-)
0
 
LVL 5

Expert Comment

by:Yog
Comment Utility
true. what you said makes sense. what kinda site is it?
0
 

Author Comment

by:webmaster256
Comment Utility
The site is going to be for online video viewing... All types; G, PG13, R, NC17, and XXX.

There is also a rating system in place which is about 2/3 done...

Here is the link...

http://coldfusion.dreamstudio9.com/dreamstudio9/login.cfm


Check it out... I'll soon have the code in a .txt page for all oyou to view and give your comments on... :)

Gordon


0
 
LVL 1

Accepted Solution

by:
_X_ earned 100 total points
Comment Utility
0
 

Author Comment

by:webmaster256
Comment Utility
Thanks X! I had been looking all over the place for something like that!

Gordon
0

Featured Post

Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

Join & Write a Comment

One of the typical problems I have experienced is when you have to move a web server from one hosting site to another. You normally prepare all on the new host, transfer the site, change DNS and cross your fingers hoping all will be ok on new server…
Periodically we have to update or add SSL certificates for customers. Depending upon your hosting plan you may be responsible for the installation and/or key generation. In the wake of Heartbleed many sites were forced to re-key. We will concen…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now