Restrict User to Single Login
Greetings,
- Goal -
Restrict users from login on two computers at same time.
I have indicated below the code that is suppose to check for and terminate
a session if user has logged in twice. If I remove the code, the authentication
process functions as expected, but allows for mutlipe logins.
I am attempting to follow the tutorial example: http://tutorial452.easycfm.com
for my solution and am not having any luck. When I attempt to run the process
I get the following error message.
"Element USER_ID is undefined in THISSESSION"
If I run the code below on a page, it returns a list of current sessions,
associated with the login process.
<cfset tracker = createObject("java","coldfusion.runtime.SessionTracker")>
<cfset sessions = tracker.getSessionCollection(application.applicationName)>
<cfdump var="#sessions#">
Obviously I am missing something here. If there is a better way to accomplish
my goal, I am certainly open to suggestions.
Leonard B
<=== My Code ===>
<cfquery name="rs_verify" datasource="[dsn]">
SELECT
user_id,
first_name,
last_name,
login,
password
FROM
login_once
WHERE
login = <cfqueryparam value="#login#" cfsqltype="cf_sql_varchar"> AND
password = <cfqueryparam value="#password#" cfsqltype="cf_sql_varchar">
</cfquery>
<!--- == Checks and logs out user if logged in twice ========== --->
<!--- If code below is removed login process works without issues --->
<cfif rs_verify.recordCount>
<cfset tracker = createObject("java","coldfusion.runtime.SessionTracker")>
<cfset sessions = tracker.getSessionCollection(application.applicationName)>
<cfloop item="loopSession" collection="#sessions#">
<cfscript>
thisSession = sessions[loopSession];
thisUser = thisSession.user_id;
if(thisUser EQ rs_verify.user_id){
thisSession.setMaxInactiveInterval(1);
break;
}
</cfscript>
</cfloop>
<!--- log them in --->
<cfset session.user_id = rs_verify.user_id>
</cfif>
<!--- If code above is removed login process works without issues --->
<!--- ============================================ --->
<cfset comparison = Compare(form.password, rs_verify.password)>
<!--- Start Tag --->
<!--- Verification that a record match exits --->
<cfif rs_verify.RecordCount>
<!--- Password case sensitive comparison --->
<cfif comparison eq 0>
<!--- Set session variables for later use --->
<cfset session.allowin = "True">
<cfset session.first_name = "#rs_verify.first_name#">
<cfset session.last_name = "#rs_verify.last_name#">
<cfset session.login = "#rs_verify.login#">
<cfset session.password = "#rs_verify.password#">
<!--- Set session variables for later use --->
<!--- Section relocation to appropriate page --->
<cflocation url="index.cfm" addtoken="no">
<!--- Section relocation to appropriate page --->
<!----------------------------------------------------------------------------->
<cfelse><!--- Case sensitive comparison - mismatch --->
<!----------------------------------------------------------------------------->
<!--- Section displaying password case sensitive mismatch--->
<cfinclude template="insert_password_mismatch.cfm">
<!--- Section displaying password case sensitive mismatch--->
</cfif>
<!--- Password case sensitive comparison --->
<!---------------------------------------------------------------------->
<cfelse><!--- No record found statement portion --->
<!---------------------------------------------------------------------->
<!--- Section displaying no record found information --->
<cfinclude template="insert_no_record_found.cfm">
<!--- Section displaying no record found information --->
</cfif>
<!--- Verification that a record match exits --->
AdChoices