最受欢迎

我如何阻止多个用户登录与相同的电子邮件和密码一旦用户已经登录

how do i stop multiple user login with same email and password once user already logged

本文关键字:用户 登录 密码 电子邮件 何阻止 | 更新日期: 2023-09-27

我需要帮助我如何阻止多用户登录相同的电子邮件和密码一旦用户已经登录到网站,我有网站,但在我的网站我有两种会员订阅free or paid免费用户可以尝试从多个设备或pc或浏览器登录免费用户没有问题。

,但现在的问题是,我想限制付费用户,因为付费用户不应该只从多个设备或PC或浏览器登录后,付费用户从任何地方登录。当付费用户尝试登录时,系统应该自动从以前的浏览器或设备或pc注销付费用户?

例子* 

if paid user already login from chrome and user trying to login from firefox
then system should automatically destroy first session which is created 
from chrome. then allow paid users to use their account in firefox.

Here My Test Script

index . php 

<form action="verifylog.php" method="post">
<input type="text" name="email1" /><br />
<input type="password" name="password1" /><br />
<input type="submit" value="Submit" />
</form>

Verifylog.php 

session_start();
include('config.php');
if(empty($_POST['email1']))
{
header('Location:index.php');   
}
$email=$_POST['email1'];
$password=$_POST['password1'];
$querymysql=mysql_query("select * from users where uemail='$email' 
and upass='$password'") or die ("query problem");
$row=mysql_fetch_array($querymysql);
$db_email1=$row['uemail'];
$db_pass=$row['upass'];
$db_status=$row['ustatus'];
if($row>0){
$_SESSION['new_email']=$db_email1;
$_SESSION['new_pass']=$db_pass;
$_SESSION['new_status']=$db_status;
$_SESSION['logged_in'] = 'active';
if(isset($_SESSION['logged_in']) || !empty($_POST['email1']) )
{
$query_time=mysql_query("UPDATE users SET ustatus='".$_SESSION['logged_in']."'
WHERE uemail='".$email."'");
header('Location:test.php');
}
}
if($db_status==$_SESSION['logged_in'])
{
header("location:logout.php");  
}
else 
{
$msg="please check your email and password";    
$_SESSION['error_msg']=$msg;
header('Location:index.php?error='.$_SESSION['error_msg'].'');
}

Test.php 

<?php 
$querymysql=mysql_query("select * from users 
where  uemail='".$_SESSION['new_email']."'") or die ("query problem");
$row=mysql_fetch_array($querymysql);
?>
Hello Mr. <?php echo $row['uemail']; ?> <br />
Your Email Is &nbsp; <?php echo $row['uemail']; ?> <br />
Your Password Is &nbsp; <?php echo $row['upass']; ?> <br />
Your Status Is &nbsp; <?php echo $row['ustatus']; ?> <br />
Here Your Can Logout Your Account: <a href="logout.php">Click Here</a>

Logout.php 

<?php 
session_start();
include('config.php');
if(!empty($_SESSION['logged_in']) || !empty($_POST['email1']) )
{
session_destroy();
$query_time=mysql_query("UPDATE users SET ustatus='inactive' 
    WHERE uemail='".$_SESSION['new_email']."'");
header("location:index.php");
}
?>

谢谢大家我已经完成了我的脚本

这里我完成了如果任何Web开发人员需要它

how to prevent multiple user login with same email and password once user 
already logged from multiple pc or browsers

index . php 

<form action="verifylog.php" method="post">
<input type="text" name="email1" /><br />
<input type="password" name="password1" /><br />
<input type="submit" value="Submit" />
</form>

Verifylog.php 

session_start();
include('config.php');
if(empty($_POST['email1']))
{
header('Location:index.php');   
}
$email=$_POST['email1'];
$password=$_POST['password1'];
$querymysql=mysql_query("select * from users where uemail='$email' 
and upass='$password'") or die ("query problem");
$row=mysql_fetch_array($querymysql);
$db_email1=$row['uemail'];
$db_pass=$row['upass'];
$db_status=$row['ustatus'];
$db_sessionid=$row['session_id'];

$old_sessionid = session_id();
$new_sessionid = session_regenerate_id(true);
$_SESSION['newregid']=$new_sessionid;
$_SESSION['odlregid']=$old_sessionid;
$_SESSION['new_email']=$db_email1;
$_SESSION['new_pass']=$db_pass;
$_SESSION['new_status']=$db_status;

if(!empty($old_sessionid))
{
$query_time=mysql_query("UPDATE users SET session_id='".$old_sessionid."' 
WHERE uemail='".$email."'");
header('Location:test.php');
}
else if($db_sessionid!=$_SESSION['odlregid'])
{
$query_time=mysql_query("UPDATE users SET session_id='".$new_sessionid."' 
WHERE uemail='".$email."'");
header('Location:test.php');
}

Test.php 

<?php 
$querymysql=mysql_query("select * from users 
    where uemail='".$_SESSION['new_email']."'") or die ("query problem");
$row=mysql_fetch_array($querymysql);
$new_id=$row['session_id'];
if($new_id!=$_SESSION['odlregid']){
unset($_SESSION['odlregid']);
session_destroy();
header("location:index.php");
} else { ?>
Hello Mr. <?php echo $row['uemail']; ?> <br />
Your Email Is &nbsp; <?php echo $row['uemail']; ?> <br />
Your Password Is &nbsp; <?php echo $row['upass']; ?> <br />
Your Status Is &nbsp; <?php echo $row['ustatus']; ?> <br />
Your Session_Id Is &nbsp; <?php echo $row['session_id']; ?> <br />
Here Your Can Logout Your Account: <a href="logout.php">Click Here</a>
<?php }?>

Logout.php 

    <?php 
session_start();
include('config.php');  
header("location:index.php");   
?>

将会话id与用户一起放在数据库中,并在每次登录时写入一个新的会话id。作为select语句的一部分,请使用session_id作为条件,任何失效的会话将不再有效。

这是一种简单的方法,您可以尝试:-

1)。存储browser_name &Mac_address以及用户名、密码、状态(1->loggedin;0->notloggedin)列在表中

2)。在登录时,保存一个cookie与用户名,browser_name,mac_address,状态&还可以更新表列中的相同值。

在页面加载之前,检查这个

3)。在每个页面的头部,从db中获取用户名,browser_name,mac_address,并将其与存储在cookie中的值进行匹配。如果匹配则继续会话,如果不匹配则结束会话。

每当用户尝试从chrome登录时,它将更新db中的值,如果页面刷新发生在Firefox上,cookie和db的值将不匹配,导致自动注销。希望对你有帮助。

或者您可以通过存储&匹配随机生成的唯一会话id。

你的答案几乎是正确的,但他们有一些错误,下面是需要添加到你的文件中的更改:

1) Test.php 

session_start();
include('config.php');

2) Logout.php 

session_start();
unset($_SESSION['odlregid']);
session_destroy();

我不确定这是否有效,但是您可以在数据库中为付费用户保存会话变量。如果他们再次登录,首先取消该会话并创建一个新的会话。

  1. 在数据库中保存PHP会话。您可以在这里参考数据库
    2. 中PHP会话的详细信息
  2. 链接用户会话与会话ID在数据库和从前端,触发ajax调用,不断检查会话的有效性。
  3. 如果在任何时间点此有效性打破,然后强制注销,并显示一些消息给用户,您已登录到另一个设备/浏览器。
相关文章:
最新更新
www.56WenDa.com 2012-2023 | php问答网 | php学习