How to delete/invalidate a php session different to the current one

Question

I want to prevent my user to login my website from multiple browsers simultaneously. The server backend is written in php. The Idea is that I invalidate any session for that user when he logs in again.

To know which session the user has last logged in, I store the session id in a mysql database (as a VARCHAR).

But how can I invalidate a session different to the current one in php?

your session should invalidate itself: storing the new session id would cause a request with the old session ID to fail, or am i missing something? — Burki, Jan 28 '16 at 14:47
You just need to compare the one in the database with the one in the `$_SESSION` variable. If they don't match, log the user out. — chrisjacob, Jan 28 '16 at 15:28

score 1 · Answer 1 · edited May 23 '17 at 12:30

1

Please check some good answer already provided on the below URls

How to prevent multiple logins in PHP website

How to prevent multiple user login with same user name and password?

edited May 23 '17 at 12:30

Community

1
1

answered Jan 28 '16 at 14:51

Deepak Dholiyan

1,774
1
20
35

You can simply set a flag in the database and check this flag every time. If flag is set this means user is loggedin. – Deepak Dholiyan Jan 28 '16 at 14:54

How to delete/invalidate a php session different to the current one

1 Answers1