Check if id_user is logged in (Session - codeigniter)

Asked

Viewed 1,350 times

4

I am building a login system and in it I am making some validations. Everything functional, except, the verification if user is already logged in.

I’m using the method below, but it’s not 100% functional. What I want is to check if the user who is trying to log in is already logged in to some session.

What I want is to prevent the same user from having two sessions.

Method code:

private function _valida_usuario_logado()
{
    $id = $this->session->userdata('id');
    $ci_sessions = $this->auditoria->listar_ci_sessions();//$this->db->get('tbl_ci_sessions');      

    foreach($ci_sessions->result() as $item)
    {           
        $user_data = $item->user_data;
        $sessions = unserialize($user_data);

        $id_logado = $sessions['id'];           
    }

    if ($id == $id_logado)
    {           
        echo 'ja_logado';           
        exit();
    }
    else
    {
        echo 'nao_logado';
        exit();
    }
}
  • I recommend using a helper or a hook. This method of yours will only do this validation within his own class, and the ideal is that it is global, or is it not? From what I see there, he is checking if there is already a session in the bank, and if it already exists, he prints a message and closes the execution. So your problem is not to check if there is a session, but to know what to do after checking, correct?

  • Actually my problem is to check, because it is not functional. Because it is preventing a login, of a user who is not even logged in. I want to do the following: my user has ID 1, if this ID is already logged in to another browser, host, etc., then it prevents the login from being done, otherwise it allows the login to be done. I’m looking for the return ja_logado by ajax and in case of success I redirect the page by ajax.

  • The cat jump is timestamp. To use database data you would have to validate the lifetime of this session with a timestamp. You can kill the SESSION when the browser close, but in DB it’s different. If the user logs in and then doesn’t depress, the data continues (persists) in DB, and vc will have false positives. Then I’ll give you an answer here, but you should try something like this...

  • I tried an example, but it wasn’t timestamp and it didn’t work.

4 answers

0

In each control, I use it as follows:

if($this->session->userdata('logado')==null) redirect('login');

In this case, logged in, is the name of the Ssion you directed. Then the construction would be that way:

class Interno extends MY_Controller {

    public function __construct(){
        parent::__construct();
        if($this->session->userdata('logado')==null) redirect('login');
        ...
    }
}
  • So, this is not what I want, I already have it working. What I want is to prevent the same user from having two sessions.

0

Wagner, I don’t think it can be done, I tried to do it too.

What can be done and works more or less cool, is to create a table in the database that makes a mark when logging in, because the sessions are individual per browser, so when logging in, would check if you are already logged in to the database.

HOWEVER, it may happen that the user just closes the browser instead of logging out, so he could not log in anymore.

So I think the right thing to do would be to do as GOOGLE does, just to let the user know that you have been logged in at date and time x, whether you recognize this login or not. If it says yes, then deletes the last login record and creates a new one.

  • Friend, the Sesssions are saved in the database, so as soon as the user logs in, an array is created with the predefined login information. id_usuario in the user_data, on the table session, however, this is where my problem lies, because the code is not working 100%. Time works, formerly not.

0

   if($this->session->has_userdata('id')){ //Ou o dado que TEM de existir pra estar logado
      echo 'Logado';
  }else{
      echo 'Não logado';
  }

-3

You create the session in the database, and then you can store the session in the user’s browser by specifying the date and time in it (Local Storage) You can use javascript to do this insertion/checking on Local Storage and redirect if you need to.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.