Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to Prevent Concurrent User Logins in PHP/MySQL Site?

Tags:

php

mysql

I am developing the user management portion of a website that will host a webcast. The goal is to prrevent the same user nam (email address) from being used concurrently. That is, we don't want two individuals using one login to view the event.

I've already setup a table that holds the user registration data with regID as primary key. My thought is to create a login history table with username as primary key, foreign key to user name in registration table. The login history table would simply timestamp when the user logs into the site. However, this won't accomplsih my goal of preventing more than one individual from using the same login name.

Instead, would it be better to have a login status field either in the login history or user table that is set to 1 for logged in and 0 for logged out? It would need a stored procedure to update the value at login and at logout, and would need to be validated when a user logs in such that if login status = 1, user already logged in and cannot login a second time. Is this a feasible approach?

Please share other methods you've used to prevent the same login credential from being shared amongst multiple individuals.

Thanks, Sid

like image 212
SidC Avatar asked Jul 25 '10 18:07

SidC

People also ask

How do I stop multiple logins from the same user in PHP?

To prevent the user from login on multiple systems or web browsers you need to generate a token on each successful login attempt. Need to check the token on each page. If the token does not match then destroy the SESSION and log out the user.

How do I stop concurrent logins?

Navigate to Product Settings → Connection → General Settings. Check the box next to Deny Concurrent Logins. Once enabled, the user will not be able to log in from another device at the same time. Other active sessions will not be affected by this change.

1 Answers

If it is OK to logout an already logged in user if someone else logs in with the same credentials then you could do the following: when a user logs in generate a random ID in your database for that user and the same in a cookie session. The two must match to authenticate.

like image 99
MrWhite Avatar answered Oct 23 '22 05:10

MrWhite
Sign in to Comment

Related questions

Opensubtitles hash function fails for large files
"Heavy" simultaneous users Nginx - Laravel - Google compute engine
The "--queued" option does not exist in Laravel 5.4
Undefined variable: _ENV in Laravel 5.3
PHP Openssl decrypt an AES Mysql Encryption
Laravel never ending EXEC
How to populate `identifier` and `providers` in Firebase custom authentication?
How can I get this Google Login ID Token from this Android app to verify server-side?
Why is in_array strict mode on integers slower than non-strict mode?
Very slow laravel homestead/vagrant/virtualbox on Mac OSX
Guzzle throwing RejectionException instead of ConnectionException on background process
Running xinc on OpenBSD's Apache Server
How do i backup a SQL database using PHP?
PostgreSQL + PHP + UTF8 = invalid byte sequence for encoding
Cookies/Sessions login system
How do I use the subscriber option?
PHP PECL_HTTP vs cURL Extension
Regular expression to match ">", "<", "&" chars that appear inside XML nodes
Plug and play login system?
Version control for PHP Development [closed]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!