Member Avatar for arcticM

if a user opens my website url (x.com)
how can I prevent him from opening the same url (x.com) in another tab/window? (another browser is ok)
my application is all ajax, so there are no different links, the content of the page just changes all the time, and I can't have the user do 1 thing in 1 tab and another thing in another under the same sassion.

Hmm, that's interesting :D
I'm sure there are better ways, but I would log the user's IP Address and browser agent on login either in a DB, a session variable or in a separate text file, and every time they try to perform an action, check to see if they are already logged on, and if so check that they are using a different browser. However, this is a PHP minded solution, and your page is all Ajax, so maybe a more suitable answer will be found in the ajax forum. Good luck!

Member Avatar for arcticM

I was thinking of something simpler like

if(isset($_COOKIE["PHPSESSID"])){
    echo "can't open 2nd window";
}else{
    //load page
}

but my session doesn't get destroyed for some reason.. even if I logout (and run session_destroy()..)
when I reopen the browser the session still exists..

in php.ini everything seems to be correct

session.auto_start = 0

I even added this before my sesion_start()-

session_set_cookie_params(0);

so I don't feel secure now using sessions for this check..

I think you should be using $_SESSION instead of $_COOKIES. There is slight difference between the two; cookies retain information until deleted whereas sessions retain information till browser is active. Try doing this if it fulfills all your requirements.

Member Avatar for arcticM

what can I use instead of the PHPSESSID? there's no such thing as $_SESSION["PHPSESSID"]

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.