Logs one machine at a time

A user logs in from one machine at a time

Logs one machine at a time

Guide and demo one machine time:
Set a key in your session that you store in the database in the user table:

Table User:

– user_id
– username
– password
– token

On Login:

– Create random token, set for that user in database and create a session have value is that token:
– UPDATE user SET token=’MyRandomToken’ WHERE username=’username’ and password=’password’;
– $_SESSION[‘login_token’] = ‘MyRandomToken’;

On every page:

– SELECT user_id, username, token FROM user WHERE token=’$_SESSION[‘login_token’]’;
– If not found then the logiin token is no longer valid.

This makes sure that a login expires automatically if there is a newer login. There can be only one logged in user per account at any time.

A user logs in from one machine at a time


If you want to prevent a second login then using a timestamp that you update on every page is the best solution:

On login:

(Assuming MySQL:)

SELECT user_id
FROM user
WHERE username=’username’
AND password=’password’
AND last_access < DATE_SUB(NOW(), INTERVAL 10 MINUTE);

If a row was found then the account exists and the login is not blocked by another login. You might want to split that into two queries (first check login, then check last access) to give a better error message for failed logins, otherwise it’s either “account does not exist” or “blocked”.

On every page:

SET last_access=NOW()
WHERE user_id=’CurrentUserId’;

Thanks for watching!

(Note best answer: source stackoverflow)