[TYPO3-dev] Uniqe Fe user
gatalf
gatalf at yahoo.com
Fri Nov 16 11:22:17 CET 2012
I am trying to prevent simultaneous login of the same fe user.
I set the $TYPO3_CONF_VARS['FE']['lockIP'] to 4 but nothing happened.
Then I tried to handle this by checking the 'fe_sessions' table.
I altered the class.t3lib_userauth.php so after the user is
authenticated (line 711) his id is checked against a live fe_session.
The problem is that the 'fe_sessions' table does not always delete the
session entries, so I had to check the time of the entry. This works but
if a user closes the browser any attempt to login till the session
expires is prevented.
So is it possible to have a better control of which user is already
logged in and prevent any same user login? Also is it possible to
implement this at class.tslib_feuserauth.php in order to avoid
unnecessary calls of this function.
The version I am using is 4.5.22 and the code I wrote is the following:
if ($authenticated) {
$thisTime = mktime(date("H"),
date("i")-($GLOBALS['TYPO3_CONF_VARS']['FE']['lifetime']/60), date("s"),
date("m") , date("d"), date("Y"));
$sessions = $GLOBALS['TYPO3_DB']->exec_SELECTgetRows(
$select_fields='*',
$table='fe_sessions',
$where_clause='ses_userid=' . $tempuser['uid'] .' and ses_tstamp
>'.$thisTime ,
$groupBy='',
$orderBy,
$limit='',
$uidIndexField=''
);
if (count($sessions)) {
$authenticated = FALSE;
if ($this->writeDevLog) {
t3lib_div::devLog('There is a user logged in with the same data');
}
}
}
Thank you in advance
Thanos
More information about the TYPO3-dev
mailing list