I have been playing around with the way moodle handles sessions. I was able to login from both my laptop and my desktop on the same username. This is a problem for us, because we service large schools. What is to prevent them from only purchasing one username and allowing every student to log in as that username and password? Is there a way to prevent a user from logging in from multiple computers over the same username?
Thanks in advance.
Ryan
It's not a restriction that anyone really needs, because if every student uses the same username then education in Moodle simply won't work, since you won't be able to identify anyone, talk to them, grade their assignments and so on.
Are you charging schools by SEAT? I wouldn't recommend that.
Are you charging schools by SEAT? I wouldn't recommend that.
This is a major issue for us as we are evaluating using Moodle for after-school environments where students regularly share userids to keep costs low. The after-school providers are less concerned about quizes than utilizing a turn-key program that has little to no staffing and resource requirements that they have to fund. Further, our courses are not time schedule based, any student can enroll at any time for a fixed period of time. Our forums are more a historical knowledge base rather than a fixed resource for a specific semester period.
We offer our courses at a very low cost so they are affordable for urban communities and per seat is critical in our business model. In all of the example Moodle sites I have looked at to this point it seems that individual students enroll and pay via PayPal. How is that different from per seat?
We wrote our own PHP-based CyberSchool and implemented code that associated a key with the PHP session to not allow more than one computer to use the same userid at a given time. Is this something that could be easily implemented in Moodle?
We offer our courses at a very low cost so they are affordable for urban communities and per seat is critical in our business model. In all of the example Moodle sites I have looked at to this point it seems that individual students enroll and pay via PayPal. How is that different from per seat?
We wrote our own PHP-based CyberSchool and implemented code that associated a key with the PHP session to not allow more than one computer to use the same userid at a given time. Is this something that could be easily implemented in Moodle?
This is no the right place to ask but what is the recommended way to charge schools then ?
Ok, attached is the code for MySQL users who want to prevent multiple login with same ID.
Hello Anil,
I was looking all over the Moodle site for this information before I stumbled on this information. I am going to implement this at the earliest on my moodle site. Hope I can clarify any doubts regarding the text file that you have uploaded.
Thank you very much.
Regards
Mahipal
Hi Mahipal:
I have the same problem.
Did you find a solution to avoid several people to use the same login name?
Thanks
Pedro
I have the same problem.
Did you find a solution to avoid several people to use the same login name?
Thanks
Pedro
Hi
I tried your codes on version 1.9+ but it still doesn't prevent two computers from login on with the same Moodle user ID.
I checked the MDL_USER table "loginsession" attribute and it was successfully updated with the session key.
Could you advise what's went wrong?
I really need to control user ID to be only able to login once at any instance.
Many many thanks in advance. Have a nice day.
Regards
Jo
Has anyone gotten this to work?
Is there a solution that's easy to implement?
Thanks
-B
****
Is there a solution that's easy to implement?
Thanks
-B
****
Is this work for moodle 1.9+ ??
Thanks
Thanks
Is this working for moodle 1.9+ ??
Have anyone solved this issue?
Thanks
Have anyone solved this issue?
Thanks
This code is not working with moodle 1.9+.
Someone need to change the code to make it work.
Anshul Jain
Someone need to change the code to make it work.
Anshul Jain
Add a field into your moodle database user table (usually mdl_user):
Then, at the very end of config.php (just before the php closing tag "?>"), add:
and in lib/moodlelib.php, look into the "authenticate_user_login" function, search for "return $user", and just before add:
This way, if a second user (using a different IP address and/or a different web browser) logs in with the same credentials as an already logged in user, the first one is logged out.
login_session CHAR (32)
Then, at the very end of config.php (just before the php closing tag "?>"), add:
$usercheck = get_record('user', 'id', $_SESSION['id1']);
if ($usercheck ->login_session !== md5($_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT']) && $usercheck ->username !== 'guest') {
unset ($_SESSION['USER']);
unset ($_SESSION['SESSION']);
unset ($SESSION);
unset ($USER);
}and in lib/moodlelib.php, look into the "authenticate_user_login" function, search for "return $user", and just before add:
$_SESSION['id1'] = $user->id;
$updateduserrecord = array ('id' => $user->id, 'login_session' => md5($_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT']));
$updateduserrecord = (object)$updateduserrecord;
update_record("user", $updateduserrecord);This way, if a second user (using a different IP address and/or a different web browser) logs in with the same credentials as an already logged in user, the first one is logged out.
Thank You Nicolas,
Its working. Just a little problem.
I have to log in twice to get in my site.
But it does prevent simultaneous login.
Can it made in such a way that the user which logs in later gets a message that you are already logged in from different computer and the first user remains logged in.
Its working. Just a little problem.
I have to log in twice to get in my site.
But it does prevent simultaneous login.
Can it made in such a way that the user which logs in later gets a message that you are already logged in from different computer and the first user remains logged in.
Nicolas.
Not working.
Nobody can loging.
What can be wrong?
Nicolas, this is fantastic!
It works a treat. It now means that the username can be logged into Computer1, but as soon as the username is logged into Computer2, Computer1 will timeout on the next action (Clicking a link for example)
So, for the users who login at work, forget to logout and login at home, they can access the course with no real problems (except having to type their username twice). But for those giving their username out, this will cause great inconvenience.
You only have to type your username / password twice on a session timeout it appears, it doesn't happen if you press 'Logout' first.
Thank you.
It works a treat. It now means that the username can be logged into Computer1, but as soon as the username is logged into Computer2, Computer1 will timeout on the next action (Clicking a link for example)
So, for the users who login at work, forget to logout and login at home, they can access the course with no real problems (except having to type their username twice). But for those giving their username out, this will cause great inconvenience.
You only have to type your username / password twice on a session timeout it appears, it doesn't happen if you press 'Logout' first.
Thank you.
Hi
It works fine but the problem i face is the theme is getting disturbed and it looks very clumsy. can u help ?
It works fine but the problem i face is the theme is getting disturbed and it looks very clumsy. can u help ?
I have did it and it works!!!Thank you Nicolas.
By the way, I would like to know if there are any method to solve the problem that
I have still to login twice after the session time out?
Thanks
By the way, I would like to know if there are any method to solve the problem that
I have still to login twice after the session time out?
Thanks
I developed a solution for the problem of simultaneous users using the same username and password.
I have a version that works with Moodle 1.9.9 (I have not tested it in other versions).
I have another version that works with Moodle 2.0 Preview 4+ (Build: 20100715). It hope it will continue to work with future versions of Moodle 2.0.
The code and instructions for both 1.9.0 and 2.0+ are in the attached .zip file.
This solution does not require the double login like other solutions I have tried. It is however a refinement of the code suggested in these forums and I want to thank those of you who have contributed these solutions.
Please try this solution and let me know if you find problems or you have suggestions about how to improve the script.
Clarence
www.MusAPP.com
I have recently implimented this code onto a moodle platform that is to be used throughout various different countries. During the testing phase, users in Singapore have found that they can log in but then when they try to access any course area of the site they are returned to the login page. Could you offer any advice as to what could cause this to happen.
We have tested with their user accounts but cannot replicate the problem anywhere else. When just using the original Moodle login functionality they do not experience any problems.
I hope to try the code you provided. But some things first...
Please visit this related forum: http://moodle.org/mod/forum/discuss.php?d=32879#p677264
Thanks.
Please visit this related forum: http://moodle.org/mod/forum/discuss.php?d=32879#p677264
Thanks.
Hi Clarence,
I had used this code to block simultaneous users but i have to enter twice otherwise it is not allowing me to enter. Could you please let me know what i can do in this case.
I had used this code to block simultaneous users but i have to enter twice otherwise it is not allowing me to enter. Could you please let me know what i can do in this case.
I would like to implemented the code, and it seems like a good stuff to be included in the platform. But before that I would like to aska question what if the user accidentally close the window or the browser itself? what would happen?
where i can find the "config.php" and lib/moodlelib.php in order for me to add the code by sir nicolas? my moodle is hosted by bluehost.
Thanks,
Beginner
Be careful here John, this code was originally written in 2009, so may no longer be appropriate.
What is the exact issue?
Hi,
Its not working for moodle 2.5.
Can you help?