Abhay Agarwal wrote:Approach can be --
When the user logs in first, generate a some random sequence number for him, store it in his session, and in the database's table.
The database only stores one random sequence number for the user.
Whenever the user logs in again from different browser, check if request is from different browser and check whether random sequence number in the session matches with the one in the database.
If it matches then no action need to be performed.
If it does not matches, it is not from same browser (mean user has logged in again). destroy previous session and now create a new random sequence number for him, store it in his session, and upate random number in the database's table (replacing old random number)
code to find browser name from request
hope this explanation will be helpful to you
~ abhay
Hi abhey,
How does your approach differentiates the sessions if the request is from same browser...i mean when they try to log in from same browser??...does it close the existing session and re-open new one???
Hi Ramesh,
When you say to terminate the old sesion, what about the data in the current state, say if he is in middle of adding items to his shopping cart as per your request, it will not only terminate the old session but also removes any progress made by the user using that session....
My suggesstion will be to setup a flag(with current browser name) in a database as soon the user logged in, if the user tries to login again with same browser then he should be re-directed to the old session, if it is from different browser then, either request the user to close the existing session and login or create a new session and copy the records from the old session (if there are any temporary state associated with the old session) and then invalidate the old sesion.