Home>Article>Backend Development> How to prohibit repeated login in php
How to prohibit repeated login in PHP: 1. Obtain the ID of the currently opened browser session; 2. Determine whether the session_id in the database is equal to the current session_id. If they are not equal, you need to jump to log in again.
The operating environment of this article: Windows 7 system, PHP version 7.1, DELL G3 computer
php prevents users from logging in repeatedly
Let’s first understand a few settings of the session:
ini_set('session.auto_start',0);
Set to turn off the automatic start of the session
ini_set('session.cookie_lifetime',0);
Set the session to be invalid when the browser is closed. The session is like this by default, no need to Settings
ini_set('session.gc_maxlifetime',3600);
Set the duration of the session when the browser is not closed
You probably know the above settings, so let’s start to understand today’s content. Whenever a user logs in to an account, he opens a browser and a session_id is automatically generated (unique within the validity period), and then we store this unique ID into the user table (the current session is updated every time he logs in) The value of session_id in the account user table). In this way, all interfaces after logging in need to determine whether the session_id() of the current browser is consistent with the session_id of the user table of the database. If they are inconsistent, it will show that the current account is online, and you need to log in again before you can reject his login. . (That is, only one user can log in at a time. Users who log in later will crowd out users who logged in to the account earlier)
For details, let’s take a look at the code: (For other codes that are not related to the code of this tweet, I I won’t go into details)
The first box: get the id of the currently open browser session and prepare for the following insertion and update of the only session_id in the database
Second box: Determine whether the session_id in the database is equal to the current session_id. If they are not equal, update the session_id in the current database. If they are equal, return 3 directly to the front-end ajax
In the index.php interface, this box indicates whether the current session_id() is equal to the session_id of the database. If not, it means that the current account has already logged in, and the session_id is not equal, and you need to jump again. Log in.
Recommended learning: "PHP Video Tutorial"
The above is the detailed content of How to prohibit repeated login in php. For more information, please follow other related articles on the PHP Chinese website!