Login/Password Problem

Results 1 to 7 of 7

Thread: Login/Password Problem

  1. #1
    Join Date
    Dec 1969
    Posts
    101

    Default Login/Password Problem

    I have a password protected site.<BR>I have a problem. Problem is that with one login/password more then one user can connect to site at a time. I want with one login/password only one user can connect to site at a time<BR>How can i solve this problem<BR>Any help sample code will be appreciated<BR><BR>Thanks in Advance

  2. #2
    Join Date
    Dec 1969
    Posts
    511

    Default RE: Login/Password Problem

    explain a lirrle more why only one user at a time and how do you currently store the passwords? is it NT level auth or ASP level???

  3. #3
    Join Date
    Dec 1969
    Posts
    101

    Default RE: Login/Password Problem

    Currently using database file to maintain login/Pass

  4. #4
    Join Date
    Dec 1969
    Posts
    2,854

    Default RE: Login/Password Problem

    You will need to set a flag in the db, so when a user logs in, set the flag for that user to "loggedin"<BR><BR>then, when another user tries to login, check the flag to see if that user is logged in already, if not, let them in, if so, tell them they are already logged in.<BR><BR><BR>Just remember that if a user doesn&#039;t physically log out,. you will need to destroy the flag somehow, so they don&#039;t stay logged in forever.<BR>To do this, you will need to keet a timestamp of when the user logged in, update the timestamp on each page request, and if the timestamp is older than 20 mins, reset the flag to "loggedout"<BR><BR>Hope that Helps.<BR>D.


  5. #5
    Join Date
    Dec 1969
    Posts
    511

    Default RE: Login/Password Problem

    Personally I have developed an NT Style login system which stores the usernames and passwords of the application in the databast. It also maintains a last login date field and an attempts field. Each time they submit an incorrect password it increases this by one if the value is three or more it denies login and locks the account fairly simple to do if you think about it.<BR><BR>This is one way to go about providing extra security. You could use cookies or an extra field to check "user currently logged in" and a login time. The issue with this is that if the user closed the browser window without logging out they would not be able to log back in. You might be able to tell the webserver to reset this value to logged out if the session was abandoned but whether or not this would work is another thing.

  6. #6
    Join Date
    Dec 1969
    Posts
    101

    Default How to catch logout event

    How to catch logout event to update database

  7. #7
    Join Date
    Dec 1969
    Posts
    2,854

    Default RE: How to catch logout event

    You can&#039;t, unless they click a logout button, and you manually abandon the session, and reset the flags....<BR><BR>read my last post.<BR><BR>http://www.aspmessageboard.com/forum/asp.asp?M=597494&F=20&P=1

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •