Dear friends, I just noticed that i can login to my app with two different browsers. I don’t understand why this is allowed or how to stop it. I can see that PHP sesions and browsers are not helping us contain our users. Logout forms work but closing the bowser offers no way of knowing that the session has ended. I wish browsers were programmed to send a notice to the server that active sessions are being terminated.
Anyway, how can one prevent multiple logins?
i imagined a loggedin column in a database but that can’t work because of the browser closing situation.
Now i imagine that a members table should be renamed to memberschecklist table. Thus, i can see if you are a valid member with a valid password. If you are a valid member, then proceed to execute a new database query to a new table named membersloggedin. I imagine that we can store the loggedin members by username and perhaps a token. If a second login is attempted, then the username will already be in the loggedin table. Thus, a member can be challenged to delete this entry. However, this means that i have to continuously check the loggedin table on every restricted page.
Is there a professional method to detect multiple logins and stop the second login? is it possible to use JSON to alert that a browser has been closed?
Thank you.