[nycphp-talk] Denying multiple logins to restricted pages
Jon Baer
jonbaer at jonbaer.net
Wed Feb 26 16:34:39 EST 2003
Your best bet is to use session handling with a database to create an AAA
type of system and have the session handler modify the log in and out flags
of a user ...
For more info ...
http://www.php.net/manual/en/function.session-set-save-handler.php
When the 2nd user attempts to write a session check to make sure they are
not already logged in w/ other credentials.
- Jon
----- Original Message -----
From: "Ophir Prusak" <ophir at prusak.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Wednesday, February 26, 2003 10:24 AM
Subject: [nycphp-talk] Denying multiple logins to restricted pages
> Hi All,
>
> I'm creating a site that requires people to register and login for access
to
> certain pages.
> I want to stop users from giving out their username/password to other
people
> by denying access to more than one person using the same username at the
> same time.
>
> I have a few ideas in my head, but would really like to hear from others
> that may have already tackled this problem and what solution they came up
> with.
>
> Also, I'm still debating what to do when I find out that indeed two (or
> more) people are trying to use the same username.
> Do I deny the latest attempt ?
> Do I accept the latest attempt and then reject requests from all other
> people using the same username ?
> etc.
>
> Ophir
>
>
>
>
> --- Unsubscribe at http://nyphp.org/list/ ---
>
>
>
More information about the talk
mailing list