One php code for check username and password and check if any username and password are used by many users - many different ip's at the same time check for same username and password -?

I have a program that call to a php file for check the username and password of my program...

Any script or code in php or other for check if any username and password is used by more than one ip at the same time?

For check if the username and password is passed to other persons...

Thanks in advance for the answers...
astrix2Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David FavorLinux/LXD/WordPress/Hosting SavantCommented:
This depends on how you store your user/pass data + how your track IP logins.

Sounds like this is all custom code, so how you accomplish all this will depend on additional code you write... as the only correlations between logins + IPs are implemented by your code, so no other code will understand the login to IP relationship.
astrix2Author Commented:
Thanks David...

But I believe is a general code.

if I make a program, this program when run call to a php archive sending the username and passsword registered in the program how parameters, anyhow this:

www.anyweb.com/check_user_pass.php?user=anyuser&pass=anypass

And here a code with a database that check the ip and the username and pass, and if any other ip has checked for the same username and password, how the cloud sites how depositfiles.com the php return an answer to the program block with various options:

1.- Change the password with a random code for generate new password, save in the database the new password, and send an email to the owner of the software - the database have the email of the client - for put the new password in the program

This option 1 is the more better solution for block username and password if the client of the program do to other persons or any person piracy your user and pass...

2.- Restrict the use of the program some time, I remember that rapidshare.com in the past block the use some hours, or some days, any time write in the php code...

Is complex, but is general for any software... I search for code with this, not problem if is needed pay some money...

But a complete check of username and password and check if same username and password are used for different ip's at the same time...

Any person know a php software with database of clients, make for check usernames and passwords and check if same username and password are used by different ip's at the same time...???

I think there must be some code to do all of this, it is generic in managing a software with its user and pass... Any know where locate a software how this, inclusive if no is freeware...?
astrix2Author Commented:
Not is very complex create a code for this, my problem is I not have many experience with mysql databases in web...

If are in pc, is simple create an access db with some fields how email of user, username, password, ip conection, date of connection...

And is only check for if the username and password are correct and not connect many users with same username and password from different ip's at the same time and a code for create a new password and send the new password to the user... Or block for some time the use of the software...

For more security, the php call also do any data for the program in pc work, if the username and password are bad or are many users with the same username and password at he same time, not send the important data for the program work...
Julian HansenCommented:
Typically you would create a session store in which you would store the userid and a token and potentially an expire date/time.

When the user logs on you check to see if they have an existing session and if it has expired - if it has you update the session table with the new session key and return this as a token to the logged on user in a secure HTTP only cookie. If it hasn't you reject the logon. If there is no session you create one and set the expire time to a reasonable timeout time (5 min / 10 min - it depends on your application and how it is used)

When you receive a request for a resource - you look for the session key based on the COOKIE token - if you find it and it is valid - you update the expire time.

This will effectively prevent multiple simultaneous logons with the same ID which is what I suspect you are asking.

If not then please clarify - it is difficult to understand what you are asking from your posts.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.