[ic] Controlling number of active sessions?

interchange-users@interchange.redhat.com interchange-users@interchange.redhat.com
Mon May 6 10:52:54 2002 

On Mon, May 06, 2002 at 07:13:05AM -0700, Tim Nelson wrote:
> 
> --- Jonathan Clark <jonc@webmaint.com> wrote:
> > > Might there be some way to control the number of
> > active sessions?
> > >
> > > More to the point.  The requirement is to:
> > >
> > > 1. Control the number of users entered in the
> > UserDB (this should be easy)
> > 
> > yes, I would do this at the tio of the new_account
> > page:
> > 
> > [sql query="SELECT count(username) FROM userdb"
> > list=1]
> > 	[tmp usercount][sql-code][/tmp]
> > [/sql]
> > 
> > [if scratch usercount > 10]
> > 	[bounce href=no_more_accounts.html]
> > [/if]
> > 
> > > 2. Make sure users can not share sessions.  I
> > guess the idea here would be
> > > if a user logs on expire all other sessions that
> > user is logged on with.
> > > (I know this is restrictive since the user
> > couldn't have more than one
> > > browser session open at once!)
> > 
> > I think this can be done by cookies. If you set the
> > expire information on
> > the cookie it will be written to disk on the client
> > and therefore will be
> > passed back by the other browser instances, ensuring
> > a single session. The
> > workaround for the user is to open a different
> > browser for the second
> > session, eg. IE then NS.
> > 
> > I think users who don't have cookies enabled should
> > get only one session
> > anyway.
> > 
> > Jonathan
> > Webmaint.
> 
> 
> Jonathan,
> I don't think you understood my question.  I want
> to see if there is a way to stop a user from
> logging in as the same user on two different PC's.
> That way I can count the number of active user
> sessions and disallow anyone to log in if they
> are over a certain number.  In other words, allow
> them to add 100 users, but only allow (say) 10 unique
> sessions active at a time.
> 

Hmmm, an AOL user looks typically like they come from a
number of different machines.  That might make your life
harder.

It sounds more like you want some sort of counter
per "account", eg:
account1=>{
  allowed=>10,
  open=>5,
  sessions=>{
    XY123=>'timestamp',
    AB234=>'timestamp',
    etc...
    },
  },
account2=>{
  allowed=>20,
  open=>7,
  sessions=>{
    QW123=>'timestamp',
    RTabc=>'timestamp',
    etc...
    },
  }

You could write a usertag that would maintain this state.  We did
something like that to maintain track of unique items in carts
using DataDumper.  Autoload or some such to make sure it works in
every page, expire sessions from your counter according to timestamp.
You will probably want a more complex datastructure to "index" it.



  
> 
> 
> __________________________________________________
> Do You Yahoo!?
> Yahoo! Health - your guide to health and wellness
> http://health.yahoo.com
> _______________________________________________
> interchange-users mailing list
> interchange-users@interchange.redhat.com
> http://interchange.redhat.com/mailman/listinfo/interchange-users

-- 

Christopher F. Miller, Publisher                               cfm@maine.com
MaineStreet Communications, Inc           208 Portland Road, Gray, ME  04039
1.207.657.5078                                         http://www.maine.com/
Content/site management, online commerce, internet integration, Debian linux