Hello, I am writing a simple web site. I successfully made the register and log in pages, but now I want to allow only one session per username.
More detailed: When someone logs in a session starts.
If he tries to log in from somewhere else, I want the first session to drop before starting a new session.
How can I do that?
-I already thought of keeping the session ID in the database and change it when the user logs in from another computer. When he tries to go back to the first computer and clicks any link, it checks automatically if the session_id that it has is different compared to the one saved on the database. If it is, it automatically logs out. I could add timed sessions so if the user does not come back to his first computer it automatically closes the session etc.
Problem is that even if I do that, the server will be loaded with sessions that will never be used again until the sessions get timed out. Is there any way to close the session (lets say close a session by knowing its id)?
Any other ideas?
Categorized | Affiliate Marketing 101
Php Sessions. Need Some Help.?
Posted on December 31, 2012.
Session is a variable for storing information for each user on the server. When user close the browser window, active sessions will be automatically removed.
You can remove a session like this:
unset($_SESSION[‘User-ID’]);
Or remove all active sessions by executing this function:
session_destroy();
I cannot understand what’s exactly your problem?!!
_____________
Additional Answer:
You cannot remove a session from another computer.
Do this:
When each user log in, create a session pattern like this for example:
$session_pattern = md5($_SERVER[‘REMOTE_ADDR’].$user_email_…
And store it into database for each user.
Use session pattern for keeping user logged in. like this:
$_SESSION[‘user-access’] = $session_pattern;
When user log in from a different IP address, the old session will be invalid. Because the log in session pattern has been changed.