Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

How to prevent users to use same login as the same time

Status
Not open for further replies.
olchik

olchik

Programmer
Jan 6, 2006
93
0
0
US
Hello,

Please help me with this problem I need to preserve security t.e. so 2 people cannot login to the same site with the same username and password at the same time.

I know how to put flag. I am thinking to have a field in DB where I put 1 once person logs in, but I don't know how to turn it back to 0 once the session is over.

Do you have an ideas how can I do that?

Thank you very much!
 
Sort by date Sort by votes
Hi,

It's Cold FUsion 4.5...will go to MX soon.
Is there any efficietnt way to do so?

Thank 's lot!
 
Upvote 0 Downvote
olchik, I actually wrote this for my work a few weeks ago. Unfortunetly I don't think I have a copy of the code with me. I can post it Monday morning, if you'd like.

____________________________________
Just Imagine.
 
Upvote 0 Downvote
Hi,GUJUm0deL

Monday will do. I cannot do anything until Monday anyway. Thank you so much for your help!

Have a good weekend!
 
Upvote 0 Downvote
Hi, GUJUm0deL

Were you be able to find the code for this question?
Anybody...did you do something like this? Any ideas?

Thank you!

 
Upvote 0 Downvote
olchik, I don't know what your setup is like, but this should work for you as well. What I basicall did was once the user logs in I create session vars that holds the username, firstname, lastname, accesslevel, email, and role. Then I created an application var that holds onlu the username. To prevent the user from double-login, or two ppl from using the same loginid, you do a CFIF that checks for the form.username is eq to application.username.

Code: 
<!--- PREVENT DOUBLE-LOGGIN --->
<cfif isdefined("Application.User.Username") and "#Application.User.Username#" EQ "#form.Username#">
	<cflocation url="sendError.cfm?Error=1" addtoken="no">
</cfif>

<!--- CHECKS TO SEE IF THE SUBMIT BUTTON WAS CLICKED AND THE USERNAME/PASSWORD FIELDS ARE NOT NULL --->
<cfif isdefined("FORM.Login") and FORM.Username NEQ "" and FORM.Password NEQ "">
	<!--- CREATES A STRUCT THAT HOLDS THE USER INFO --->
	<cfscript>
		Session_User = StructNew();
		Session_User.Username = trim(FORM.Username);
		Session_User.Password = trim(FORM.Password);
	</cfscript>
	
	<!--- CHECK USERINFO TO SEE IFTS VALID  --->
	<cfquery name="GetLogin" datasource="#DB#">
		SELECT	U.*
		FROM 	Users U
		WHERE	U.Username = '#Session_User.Username#' and U.Password = '#Session_User.Password#'
	</cfquery>
			
	<!--- STORE SESSION VARS TO BE USED THROUGHOUT THE SESSION --->
	<cflock scope="SESSION" timeout="20" type="EXCLUSIVE">
		<cfset Session.Session_User = StructNew()>
		<cfset Session.Session_User.User_ID = GetLogin.User_ID>
		<cfset Session.Session_User.Username = GetLogin.Username>
		<cfset Session.Session_User.FirstName = GetLogin.First_Name>
		<cfset Session.Session_User.LastName = GetLogin.Last_Name>
		<cfset Session.Session_User.Email = GetLogin.Email>
	</cflock>
	
	<!--- STORE APPLICATION VARS TO BE USED THROUGHOUT APPLICATION --->
	<cflock scope="APPLICATION" timeout="20" type="EXCLUSIVE">
		<cfset Application.User = StructNew()>
		<cfset Application.User.Username = GetLogin.Username>
	</cflock>
</cfif>

Lemme know if you have any questions...

____________________________________
Just Imagine.
 
Upvote 0 Downvote
Hi,

will this code prevent from logging in from different computer?

Thank you very much?
 
Upvote 0 Downvote
It should. The application scope holds the username and your checking if the form.username is eq to application.username. Do a little test and see what happens.




____________________________________
Just Imagine.
 
Upvote 0 Downvote
Yes! It works! At least on my computer:)
My boss is out today. Wll let him test from his computer when he gets back.

Thank you very much for your help!
Olchik
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

RosieGp
  • Locked
  • Question
How to read string of 0s and 1s 1
Replies
3
Views
140
LyndonOHRC
LyndonOHRC
FALCONSEYE
  • Locked
  • Question
Error: no known VMs. (check for corrupt jvm.cfg file) !!! How I Fixed It !!!
Replies
0
Views
162
FALCONSEYE
FALCONSEYE
Mike Lewis
  • Locked
  • Question
Using Dreamweaver to maintain a site not created in Dreamweaver
Replies
2
Views
138
Mike Lewis
Mike Lewis
oshinwa
  • Locked
  • Question
Which Call collector should I use and which one is compatible with my Ericsson BP250?
Replies
0
Views
104
oshinwa
oshinwa
lwfg
  • Locked
  • Question
getting form values from ColdFusion programn to asp.net program
Replies
2
Views
74
LyndonOHRC
LyndonOHRC

Part and Inventory Search

Sponsor

Back
Top