WordPress.org

Ready to get started?Download WordPress

Forums

Code Needed: Prevent Dual Membership Login -sample included (1 post)

  1. Kevin Rape
    Member
    Posted 1 year ago #

    I'm running a wordpress membership site and want a way to prevent 2 separate people from using the same username and password. This is a code that I found from 2006, but it probably needs some updating.

    If you know any free plugins that would solve this, that would be super-great. I haven't found any yet.

    #Prevent Membership Fraud
    //check if someone is logged in
    if (isset($_SESSION['user_id'])) {
    //connect to your db
    require('../../../connect.php');
    /*build query using hirer_id and current_session_id, get count. If query comes back with a 1, it means there is a match. A match is good because it means no one else logged in during their session. On the other hand, a 0 indicates that no match, meaning someone else logged in simultaneously. Zeros get the boot of death.*/
    $result = mysql_query('SELECT COUNT(*) FROM user WHERE user_id='.$_SESSION['user_id']." AND session_id='".mysql_real_escape_string(md5(session_id()))."'");
    $login_status = mysql_result($result,0,0);
    //recall 1 is good, 0 is bad
    if (0 == $login_status) {
    //give them the boot
    //this is copied from my logout script
    $_SESSION = array(); //destroy the variables
    session_destroy(); //destroy the session itself
    setcookie(session_name(), '', time()-300, '/', '', 0); //destroy the cookie
    echo 'Hey, someone else logged in using your account info which means you get the boot.';
    exit();
    }
    }

    I do know some programming, just not much with databases. Your help is greatly appreciated.

    Thanks :)

Topic Closed

This topic has been closed to new replies.

About this Topic