WordPress.org

Ready to get started?Download WordPress

Forums

Prevent multiple login using a single ID (3 posts)

  1. aross
    Member
    Posted 6 years ago #

    When editing my locally installed wordpress blog using two different browsers, it is possible to be logged in as the same user with both browsers. I am assuming (perhaps incorrectly) that this implies that it would be possible to log in to a live site multiple times concurrently (abeit using different sessions) using the same user account.

    I would like to prevent this from being possible, and display a "user already logged in" type message should a user account be in use when someone else tries to log in using the same username and password. Is this already an option in wordpress? Is there a plugin that can achieve this? Would this require editing the source code (if so a few pointers would be appreciated!)?

    I'd really appreciate some help, I have spent a fair bit of time searching for a solution to this issue. It may be glaringly obvious, or already documented somewhere on wordpress.org, apologies if that's the case.

    Thanks in advance!

  2. Samuel Wood (Otto)
    Tech Ninja
    Posted 6 years ago #

    Is this already an option in wordpress? Is there a plugin that can achieve this? Would this require editing the source code (if so a few pointers would be appreciated!)?

    No, probably not, yes quite a lot of hacking would be needed.

    WordPress doesn't have any idea who's "logged in" at any one time, because there's no system for tracking that in any way. When you log in, a cookie is set on your browser with your username and a code representing your password (sorta). Every time you access the site, that cookie is checked and you are identified as you.

    So, it's not like you're maintaining a permanent connection or using some kind of session. You're "logging in" every single time you hit the site for anything.

    To do what you're wanting, you'd have to rewrite a lot of the login and authentication system to use sessions or something similar.

  3. aross
    Member
    Posted 6 years ago #

    Thanks for such a fast response!

    This is my problem:

    I am working on a site that a large number of people will eventually be editing occasionally. Creating a user account for all of them would be overkill and would quickly become a headache to maintain for the site administrator. I was planning to create a handful of different users (with a variety of roles) that the group would share.

    If two people logged in as two different users attempt to edit the same post, WordPress (new in 2.5?) handily presents the second user with a warning to avoid one person overwriting another's modifications. Unfortunately if two people were to log in as the same user and attempt to do the same, there would be no such warning. This means that overwriting could become a bit of a problem in the scenario I outlined above.

    I realise this is a similar question to the one I posed in my first post, but is there a work-around to this problem or might you be able to suggest one?

    Thanks again!

Topic Closed

This topic has been closed to new replies.

About this Topic