My website uses sessions for user logins and I would like to have a message on each page showing the user how many computers are logged into their account (like what Gmail does).
For example, if they are logged in on two different computers, I would like the message to say:
You are logged in on 2 computers.
I know how to check if they are logged in -- I just check the $_SESSION['username'] variable and if it's set then they are logged in on that computer. But how can I check if the same username is set in other sessions (indicating that they are logged in on other computers)?
This is very difficult to do with the default file based PHP sessions. By default PHP just stores session information in an opaque blob in a file in the file system, with the name of the file being the session id. You have no direct access to the data in those files without opening them all one by one and evaluating them.
What you need is to move that information into a database. Either store only the number of concurrent logins in the database and keep the other sessions as is, but that's hard to keep in sync. It's better to switch to a complete database backend for sessions in lieu of the file based storage. This allows you to transparently query any data in sessions, including easily taking statistical information about how many sessions a user has.
You're going to want to store session data in a database. Then you can query the database if there's multiple users with the same ID.
just create a extra column on the users table for login count. when the user logging into server increase the column with 1 count when the user logged off decreased with 1 count...
By the way the session are created for the each browser.. you can not access the other session variable from a session
Note: I am not going to escape the data in the examples but you need to do that with mysqli or PDO
Create a table logged_in_users or something like that with some columns like this:
create table logged_in_users(
user_id int unsigned,
login_date datetime,
hash_key char(32),
unique key user_hash_key(user_id, hash_key)
);
When a user logs in, remove old records, then add the new member like this:
$hash_key = md5(time().uniqid().rand(0,1000)); // Create a unique key
$_SESSION["hashkey"] = $hash_key;
// Remove the inactive members (this uses 10 minutes)
delete from logged_in_users where login_date > date_sub(now(), interval 10 minute);
// Add the user
insert ignore into logged_in_users (user_id, login_date, hash_key) values (123, now(), '$hash_key');
And when a users loads a page you should check to see if the user still has a record and insert one if he/she doesn't like this:
$hash_key = $_SESSION["hashkey"];
insert ignore into logged_in_users (user_id, login_date, hash_key) values (123, now(), '$hash_key');
Then when you want to know how many people are logged in, you would do something like this:
// Total people for a particular member
select count(*) as total from logged_in_users where user_id = 123;
// Total people logged in
select count(*) as total from logged_in_users;
// Total members logged in (not people)
select count(distinct user_id) as total from logged_in_users;
Finally when the user logs out delete them like this:
$hash_key = $_SESSION["hashkey"];
delete from logged_in_users where user_id = 123 and hash_key = '$hash_key';