Solved

Prevent a same user id to login at diff place at the same time

Posted on 2002-03-20
11
177 Views
Last Modified: 2013-12-24
I want to prevent a same user id to login at diff place at the same time, how do I achieve this? Besides, using database, what other solutions can be use?
0
Comment
Question by:greenbean
11 Comments
 
LVL 2

Expert Comment

by:Cyril_H
ID: 6882142
If you're using sessions variables, you can store UserID in one of them and when the user login, just check for the existence of the session variables.

<CFIF IsDefined("Session.#UserID#")>
   User already logged in.
<CFELSE>
   <CFSET Session.#UserID# = "whatever">
</CFIF>


0
 

Expert Comment

by:manonng
ID: 6882305
hi

you can check against with a table which held all the current user ID at the login page.

manon
0
 
LVL 19

Expert Comment

by:cheekycj
ID: 6883015
IMHO, session check is better b/c if you flag a user in the DB as logged in.. how do you update that when the session expires and user never clicks logout.. (just closes the browser)

CJ
0
 

Expert Comment

by:webdiva69
ID: 6886972
I agree just set a session variable.
0
 

Author Comment

by:greenbean
ID: 6890423
My 2 cents: by using DB, I keep track of the user last login time in a track table. The entry is created when the user login, and if let say the user did properly log out, the entry will be deleted, else the entry remains in the table.

What the system does actually : upon a user login, the system will check the user current login time with the table entry(if any), if the current login time > (last login time + 30 mins), the login is valid, else is invalid.

So, if the user did not logout properly, he/she will not be able to login again til, let say 30 mins later (which is equiv to a session timeout period, probably).

The problem with this solution is, users very often forgot to logout properly, so they will be probably denied access very often.

Anyway, I'll tried out the session method and let u know the results!
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 19

Expert Comment

by:cheekycj
ID: 6891048
greenbean: Your solution is a good one and has been discussed as an alternative to the session one quite frequently the only con as you said is that if the user doesn't logout properly, they could be denied access upon next logon.

The key here is upon every page access you must update a last accessed flag in the DB. and your DB process that cleans out logged in users must check that flag and clean out those users at the same time their regular session time out must happen... which means this process must run frequently and the updates will be quite much too.  You start to depend too heavily on the DB, which to begin with is the bottleneck for most web sites when it comes to scalability.

CJ
0
 

Author Comment

by:greenbean
ID: 6891820
Ok, in this case, session would be a better solution. But, at the same time, how do I prevent improper logout without the use of DB?
0
 
LVL 19

Accepted Solution

by:
cheekycj earned 50 total points
ID: 6892309
What do you mean by "prevent improper logout" won't session expiry take care of that?
0
 
LVL 17

Expert Comment

by:anandkp
ID: 7176398
Hi there,

Incase u r not using sessions - then may be u could try this !!!

1. as soon as a user logs in - update a field in table as "loggedin = 'Y'"

2. now if the same user tries to log in from anywhere - just check [if the loggedin = 'Y'] before allowing a user to log in

if its equal to 'Y' - then throw him out - else log him in

simple !!!

K'Rgds
Anand
0
 
LVL 35

Expert Comment

by:mrichmon
ID: 10784609
No comment has been added lately, so it's time to clean up this question.
I will leave the following recommendation in the Cleanup topic area:

Accept cheekycj

Please leave any comments here within the next four days.

mrichmon
EE Cleanup Volunteer
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Most ColdFusion developers get confused between the CFSet, Duplicate, and Structcopy methods of copying a Structure, especially which one to use when. This Article will explain the differences in the approaches with examples; therefore, after readin…
Introduction This article explores the design of a cache system that can improve the performance of a web site or web application.  The assumption is that the web site has many more “read” operations than “write” operations (this is commonly the ca…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now