Hiya,

I've created login scripts which allow logging in via ID & password. And
this is done via searching through an oracle database to validate the ID
& password.

However, with one session opened for an ID & password, another sessions can
also be created with the same ID & password on different machines. What
can I do to prevent multiple logins of the same ID & password?

Cheers.

SiuMo

One thought comes to mind:
Add another field to your table, and when user logins set the field, when
user log out or in Session_OnEnd reset the field.

Sergey.

"SiuMo" <siumo@hotmail.com> wrote:
>
>Hiya,
>
>I've created login scripts which allow logging in via ID & password. And
>this is done via searching through an oracle database to validate the ID
>& password.
>
>However, with one session opened for an ID & password, another sessions
can
>also be created with the same ID & password on different machines. What
>can I do to prevent multiple logins of the same ID & password?
>
>Cheers.
>
>SiuMo

sergey wrote in message <38dbf68d$1@news.devx.com>...
>
>One thought comes to mind:
>Add another field to your table, and when user logins set the field, when
>user log out or in Session_OnEnd reset the field.
>
>Sergey.


This approach could be rather tricky because in my experience, the
Session_onEnd event almost never fires at all. This would mean requiring
the user to explicitly log out after each session, and if they forget, or if
the session times out, the UserID would then be locked.

Perhaps populating an Application-scope array of current SessionID's and
their associated UserID's. Then check every so often to see if a SessionID
is still active on the server, if not (the session has timed out), remove
the array element.