From: Robert Cummings on 15 May 2010 02:33 Jagdeep Singh wrote: > Hi! > > Thanks for all the replies... But may of the solutions are not for my > question. > > Friends! > > E.g. : If user1 has logged in Internet Explorer on IP adress (Say IP - A) > with MAC Adress (MAC-X) > Then No other user can login on that IP (IP-A) AND MAC Adress (MAC-X) on any > other browser say Firefox. > > I can stop any user to login more than one time at two different machines.. > > But I am unable to stop Multiple logins on same machine (ofcourse on > different Browsers) Because each browser has different SESSION and Cookie > system. > > I hope problem is very clear now.. Oh, I see... you don't even want 2 DIFFERENT users on the same computer to log in at the same time. Hah, you must be doing an online game or something. You cannot do what you want to do. Cheers, Rob. -- http://www.interjinn.com Application and Templating Framework for PHP
From: Lester Caine on 15 May 2010 02:39 Jagdeep Singh wrote: > Hi! > > Thanks for all the replies... But may of the solutions are not for my > question. > But I am unable to stop Multiple logins on same machine (ofcourse on > different Browsers) Because each browser has different SESSION and Cookie > system. As I have already said ... you need to maintain a list of 'logged in' machines in addition to the 'logged in' users. You check any new login against the machine list as well as the user list. You ARE right in that a different browser will not have the cookie settings, but in YOUR case, simply do not use browser based 'storage'. Store the settings so that authentication from a different browser will return the current logged in status. I'm not worried about different browsers, but if the browser 'connection' is lost, then reopening it and trying to log in again takes you back to the point where the connection was lost. Should work cross browser, and does work IE6 to IE7 or 8. -- Lester Caine - G8HFL ----------------------------- Contact - http://lsces.co.uk/wiki/?page=contact L.S.Caine Electronic Services - http://lsces.co.uk EnquirySolve - http://enquirysolve.com/ Model Engineers Digital Workshop - http://medw.co.uk// Firebird - http://www.firebirdsql.org/index.php
From: Jagdeep Singh on 15 May 2010 02:40 I am working on e-learning module... On Sat, May 15, 2010 at 12:03 PM, Robert Cummings <robert(a)interjinn.com>wrote: > Jagdeep Singh wrote: > >> Hi! >> >> Thanks for all the replies... But may of the solutions are not for my >> question. >> >> Friends! >> >> E.g. : If user1 has logged in Internet Explorer on IP adress (Say IP - A) >> with MAC Adress (MAC-X) >> Then No other user can login on that IP (IP-A) AND MAC Adress (MAC-X) on >> any >> other browser say Firefox. >> >> I can stop any user to login more than one time at two different >> machines.. >> >> But I am unable to stop Multiple logins on same machine (ofcourse on >> different Browsers) Because each browser has different SESSION and Cookie >> system. >> >> I hope problem is very clear now.. >> > > Oh, I see... you don't even want 2 DIFFERENT users on the same computer to > log in at the same time. Hah, you must be doing an online game or something. > You cannot do what you want to do. > > > Cheers, > Rob. > -- > http://www.interjinn.com > Application and Templating Framework for PHP >
From: Lester Caine on 15 May 2010 03:18 Jagdeep Singh wrote: > How can I define "Machine"? That IS the problem. As with a lot of this stuff - nothing was ever actually DESIGNED to work :( So $_SERVER["REMOTE_ADDR"] will block multiple machines if they are sharing the one connection. I've been lucky so far in that 'REMOTE_ADDR' CAN be resolved to a machine in my own case. This like 'tzoffset' is an area where the simplest basic functions actually need to be fixed. If you are working cross timezones have you considered the problem of knowing the right time where daylight saving is important. My users have to set their correct daylight saving zone in their profile. 'tzoffset' is no use. Both of these are areas that need fixing? ( As an aside ... some schools are now using 'virtual' desktops, so several pupils may WELL be working on the one 'virtual server' but each in their own sessions. This makes it impossible to identify the individual users as well ) -- Lester Caine - G8HFL ----------------------------- Contact - http://lsces.co.uk/wiki/?page=contact L.S.Caine Electronic Services - http://lsces.co.uk EnquirySolve - http://enquirysolve.com/ Model Engineers Digital Workshop - http://medw.co.uk// Firebird - http://www.firebirdsql.org/index.php
From: Ashley Sheridan on 15 May 2010 06:02
On Sat, 2010-05-15 at 08:18 +0100, Lester Caine wrote: > Jagdeep Singh wrote: > > How can I define "Machine"? > > That IS the problem. As with a lot of this stuff - nothing was ever actually > DESIGNED to work :( So $_SERVER["REMOTE_ADDR"] will block multiple machines if > they are sharing the one connection. I've been lucky so far in that > 'REMOTE_ADDR' CAN be resolved to a machine in my own case. > > This like 'tzoffset' is an area where the simplest basic functions actually need > to be fixed. If you are working cross timezones have you considered the problem > of knowing the right time where daylight saving is important. My users have to > set their correct daylight saving zone in their profile. 'tzoffset' is no use. > > Both of these are areas that need fixing? > > ( As an aside ... some schools are now using 'virtual' desktops, so several > pupils may WELL be working on the one 'virtual server' but each in their own > sessions. This makes it impossible to identify the individual users as well ) > > -- > Lester Caine - G8HFL > ----------------------------- > Contact - http://lsces.co.uk/wiki/?page=contact > L.S.Caine Electronic Services - http://lsces.co.uk > EnquirySolve - http://enquirysolve.com/ > Model Engineers Digital Workshop - http://medw.co.uk// > Firebird - http://www.firebirdsql.org/index.php > I explained off-list how you could do this. Create a hash of the machines IP and browser with the username of the logged in user: md5($ip . $browser . $username); And store that in the database when they log in. Now each time they perform an action, create a hash from those same bits of information again and check it against the one created when they logged in. You can't access their Mac address. Many people on the list have explained that to you now. I'm not sure why an e-learning module needs such strict requirements, as it's perfectly valid that a user might want to use more than one browser at a time. Thanks, Ash http://www.ashleysheridan.co.uk |