I've had trouble with users login in with the same UserID and password. To prevent this, we have made some code {attached} which needs to be tested. It seems to work for me on 1.5.2+, only on MySQL.
What is done in the code is :
1. Create a new database field which stores the session key of a logged in user.
2. If another user logs in with same UserID, the session key is overwritten with the new Sessionkey.
3. This will logout the first user the moment he clicks into another link.
I understand there are flaws in this logic. If users keep login in again and again, each user gets logged out the moment another logs in. The idea is, the actual user should change his password when he sees this happening.
This ensures that only one user is logged in with one userID at one time.
I need help on the following :
1. I have no installation of Postgres to test this on, if someone could do this and post the edited code, it will help other users who need this.
2. If anyone has better ideas, suggestions or can improve the code, it would be great !