Hi! I'm at my wit's end trying to figure how to prevent multiple logins of the same user at the same time. Meaning that, if one user logs in with his username and password and another naughty person somehow gets that username and password and tries to login from another computer while the original user is till logged on, he would reieve a rude message from the database.

I figured out that it would entail modifying the auth.pl codes. I tried to do that under the sub auth_check_password by chnaging the line from:

elsif ($db_uid) { # The user already has a user id given by the program.
(-e "$auth_dir/$db_uid") ?
return ('ok', $db_uid, &auth_check_permissions($db_uid)) : return ('Invalid/ expired user session')
}

to:

elsif ($db_uid) { # The user already has a user id given by the program.
(-e "$auth_dir/$db_uid") ?
#return ('The system has detected multiple logins. Your IP address has been logged.') : return ('Invalid/ expired user session');
}

But the thing is that it still allows multiple logins but when I tried to do any functions in the database, I receive the rude message. Worse still is that even the original user is affected and cannot do anything.

Can someone help me with this problem?

Thanks.
Julian