• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 194
  • Last Modified:

what would be the best way to block a user from loggin in so that they can only login once every 24 hrs?

I am trying to limit users loggin into my website to only once every 24 hours. I am new to PHP so not sure what the calculation would look like. I do track when they logout which they must do or the work they do does not get saved. below is my logout script which updates the datetime feild in my DB. any insight would be greatly appreciated.
<?php
session_start();
include('config.php');
include('functions.php');
 
//update user logout time
$update = mysql_query("UPDATE users SET datetime=NOW() WHERE ID='".mysql_real_escape_string($_SESSION['user_id'])."'") or die(mysql_error());
/*print_r ($_SESSION['user_id']);*/
 
//Close session
$_SESSION = array();
header("Location: page.php");
 
 
?>

Open in new window

0
Natech-solutions
Asked:
Natech-solutions
  • 9
  • 8
1 Solution
 
Natech-solutionsAuthor Commented:
Here is my login script
<?php
session_start();
include('config.php');
include('functions.php');
 
	if(isset($_POST['Login']))
	{
		if($_POST['email']!='' && $_POST['password']!='')
		{
			//Use the input username and password and check against 'users' table
			$query = mysql_query('SELECT ID, Email, Active, datetime FROM users WHERE Email = "'.mysql_real_escape_string($_POST['email']).'" AND Password = "'.mysql_real_escape_string(md5($_POST['password'])).'"');
			
			if(mysql_num_rows($query) == 1)
			{
				$row = mysql_fetch_assoc($query);
				if($row['Active'] == 1)
				{
					$_SESSION['user_id'] = $row['ID'];
					$_SESSION['logged_in'] = TRUE;
					header("Location: vote.php");
 
				}
				else {
					$error = 'Your membership was not activated. Please open the email that we sent and click on the activation link';
				}
			}
			else {		
				$error = 'Login failed !';		
			}
		}
		else {
			$error = 'Please user both your username and password to access your account';
		}
	}
?>

Open in new window

0
 
syedasimmeesaqCommented:
If you want to have them login once in 24 hours you may do this. Make another field in your database & call it for example lockfield. Then when a user logs in update the field with now(), you want date and time.
Then write a small script that will reset this field back to something that you can use to flag to let system know that it is ok to let the user in now. I used in this example 0
so something like this
$lockquery= "UPDATE survey SET lockfield=0 WHERE lockfield < NOW() - INTERVAL  24 HOUR";
$lockrun= mysql_query($lockquery) or die(mysql_error());

Now set up crontab or task scheduler (depending on your OS) and run the above code file every 24 hours.
hope this helps
thanks
0
 
Natech-solutionsAuthor Commented:
Thats a great Idea and probally the most  simple, but I do not have control over the server, it is on a shared hosting server so I don't have access to cron or task scheduler?
0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
syedasimmeesaqCommented:
If you could, contact your hosting comapny and give them your script that you want to run. Hopefully they would be able to help you.
Good luck
0
 
Natech-solutionsAuthor Commented:
what about checking during the login agianst there timestamp? Is there away to create a function I could check against?
0
 
syedasimmeesaqCommented:
what you can do is to flag a field if the password and login validates. Then after the user logsout or session expires sets it to another flag like I suggested above. However, one more thing you would need to do here, before the login you will check in some sequence like this $lflaggedfield < NOW() - INTERVAL  24 HOUR, and if that sets true, then allow the user to proceed with logon

Hope this helps
Thanks
0
 
Natech-solutionsAuthor Commented:
another great Idea, going to give it try, I think I understand but might have to play with it a bit.

is NOW() a preset function in PHP and/or MySQL? can my flaggedfeild be my logout time stamp,
0
 
Loganathan NatarajanLAMP DeveloperCommented:
better note down whenever user login to the system as entry time, once they logout/exit.. just have not of it... if they comeback .. just check with current time whether they have already logged in or not...
0
 
Natech-solutionsAuthor Commented:
were did i go wrong keeps erroring out, and will this even work?

$query = mysql_query('SELECT "'$_SESSION['user_id']'" FROM users WHERE  `logout` > \'NOW() - INTERVAL 24 HOUR,\''");

Open in new window

0
 
syedasimmeesaqCommented:
Try this
$query = mysql_query("SELECT '".$_SESSION['user_id']."' FROM users WHERE  logout = NOW() - INTERVAL 24 HOUR");

Thanks
0
 
syedasimmeesaqCommented:
$query = mysql_query("SELECT '".$_SESSION['user_id']."' FROM users WHERE  logout = NOW() - INTERVAL 24 HOUR");

assumes logout is a field in your table users.

Thanks
0
 
syedasimmeesaqCommented:
will this even work?

that depends on how are you setting your logout field. If the field is in this format
12-21-2007 12:11:34, then yes the above should work
0
 
syedasimmeesaqCommented:
oops notice something
change query to this

$query = mysql_query("SELECT '".$_SESSION['user_id']."' FROM users WHERE  logout < NOW() - INTERVAL 24 HOUR");
0
 
Natech-solutionsAuthor Commented:
My Feild is logout and is in the format 12-21-2007 12:11:34 . I am trying it now, thanks for your input.
0
 
Natech-solutionsAuthor Commented:
IT WORKED!! thanks for help I have been struggling for hours :)
below is how I finished it up, let me know your thoughts.
<?php
session_start();
include('config.php');
include('functions.php');
 
checkLogin('1 2');
 
	
//check log status
$query = mysql_query("SELECT '".$_SESSION['user_id']."' FROM users WHERE  logout < NOW() - INTERVAL 24 HOUR");
if(mysql_num_rows($query) == 1)
 
	header("Location: members.php");
 
else
	echo ('Your have already logged out today please wait 24hrs')
	
?>

Open in new window

0
 
syedasimmeesaqCommented:
Looks good.

Glad to be of help.
0
 
Natech-solutionsAuthor Commented:
Thanks for help, I really appreciate your quick responses, and ideas, and for fixing my query.I am really new at PHP and have trouble with SQL statments within  PHP, the ' " really messes me up.

Thank you again
0
 
syedasimmeesaqCommented:
Thank you for the points
God bless you
0

Featured Post

Take Control of Web Hosting For Your Clients

As a web developer or IT admin, successfully managing multiple client accounts can be challenging. In this webinar we will look at the tools provided by Media Temple and Plesk to make managing your clients’ hosting easier.

  • 9
  • 8
Tackle projects and never again get stuck behind a technical roadblock.
Join Now