发表新帖
发表新帖

Sharing session between two different web browser

前端 未结
关注
3 968
無奈伤痛
無奈伤痛 2020-12-21 06:39

I want to make a PHP web application in which on a single PC there can only be one authentication session at a time i.e. User A login using

相关标签:
3条回答
  • 北恋
    2020-12-21 07:18

    You can make the login script such that as to it checks on login whether the user is already looged in or not. If logged in then it will reject any more further logins.

    As said above PHP can store session ids in databases. Check the database for existance and then allow or disallow based on that.

    0 讨论(0)
  • Happy的楠姐
    2020-12-21 07:29

    You can accomplish this task (assuming your working with general users, who doesn't try to spoof User-Agents and other tricks) by using a signature algorithm which identifies a device. Your algorithm can have as many variables as you see fit.

    For example REMOTE_ADDR, USER_AGENT. Other special variables can be obtain by executing a flash based code on the client side. As each request comes in you can compare it with existing keys that are authenticated and if you get a new session where all variables match except a Browser String you can safely assume its the same user using a different browser.

    You must collect extra variables using a flash component for this to work. the variables available via $_SERVER is not sufficient. Because there could be users behind proxies and you do not want to identify them as false positive.

    0 讨论(0)
  • 礼貌的吻别
    2020-12-21 07:37

    Theoretically, you could do this using session_id() and a database entry, although security will be tricky since a malicious user could try generating random session IDs to mimic a logged-on user's session.

    Session information is stored in a cookie in the client's browser, with a specified ID. By storing that ID and a JSON string of the data, whenever it's updated, various users could conceivably share the same data. They'd all have to poll the server once in a while to see if the data has been changed.

    But at that point, you don't need to use $_SESSION anymore, so it's pretty much defeated the purpose of your question. You can get the same behavior with regular variables, which would already be a security improvement.

    Short answer: No, that's not the point of sessions.

    0 讨论(0)
 看不清?
提交回复
热议问题