Seegatesite, how to force user to log out I apply some project website that I created. This article is a continuation of the articles that I have written before How Do I Check the PHP Session Realtime Using Jquery And Mousedown Event. In addition, this technique can also be used to disable / do banned user via admin panel.
The essence of this method is to add a unique value to the database, then the script will do the checking every time the user clicks on the HTML element. The system will always perform to update unique values into the database when a user login in the system. And each time the user clicks on the HTML element, system checks to see if a unique value in the database same with the value stored in the global variable ($_SESSION). If different, then the entire session will be destroyed. The following is the complete tutorial.
My simple way to force user to log out when the user login on other sessions
1. Add new field on your user table with the name “unique_auth” (data type : varchar(20))
2. To create a unique value on the field unique_auth with the following code
1 | $unique_auth = base64_encode(uniqid().strtotime(date('Y-m-d H:i:s'))); |
3. Save the above unique value into the field unique_auth and global variables $_SESSION[‘unique_auth’] When user do log in.
1 2 3 | $uniqlogin = base64_encode(uniqid().strtotime(date('Y-m-d H:i:s'))); $sv->updateUniqLogin($iduser,$uniqlogin); // save unique_auth to DB $_SESSION['unique_auth'] = $uniqlogin; // Send unique_auth to $_SESSION Variable |
4. I’m using AJAX Jquery and MouseDown event to check session and value unique_auth whether the same or different from those in the database. If the both value is different, the system will force log out an active user. The following code is my example script, Please customize your application
session_checker.js
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 | $(document).on("mousedown",function(event){ if(event.which == 1){ $.ajax( { url : "session_checker.php", type: "POST", success: function(data, textStatus, jqXHR) { var data = jQuery.parseJSON(data); if(data.result == -1) { window.location.replace(data.url); } }, error: function(jqXHR, textStatus, errorThrown) { $.notify({ message: 'Error : '+jqXHR.status+' - '+textStatus+' '+errorThrown },{ type: 'danger', delay: 10000, }); } }); } }) |
session_checker.php
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 | <?php session_start(); include "config.php"; if (!isset($_SESSION['myapp_nama_user']) or !isset($_SESSION['myapp_id']) or !isset($_SESSION['myapp_level']) or !isset($_SESSION['myapp_uniqid']) or !isset($_SESSION['myapp_h_menu']) ) { $data['result'] = '-1'; $data['url'] = $sitename.'aplikasi/utama/login.php?error=session_die'; }else{ include "../aplikasi/model/dbconn.php"; include "../aplikasi/model/myapp.php"; $id_user = $_SESSION['myapp_id']; $myapp = new myapp(); $ceklogin = $myapp->CheckLoginAutentikasi($id_user); // check unique_auth value on DB if($ceklogin[1]['unique_auth'] == $_SESSION['unique_auth']) // check if unique_auth same with $_SESSION['auth'] { $data['result'] = '1'; $data['url'] = 'access granted'; }else{ // if value from field unique_auth is different with $_SESSION['unique_auth'] $data['result'] = '-1'; session_destroy(); $data['url'] = $sitename.'aplikasi/utama/login.php?error=99'; } } echo json_encode($data); ?> |
Please try on your browser and see the results.
Thus my simple way to force log out active users. If you have a better solution, please give me feedback on the comment form below.
gak bisa di download eror saat di extrak master
maksutnya yang mana ya???