Hi,
I am having problems finishing a code at the top of a secure page that will make sure that no two users are logged in at the same time. My if statement seems struggling. Wonder if someone can take a look. I have a feeling it is failing when comparing $currentsid and $dbsid.
<?php
session_start();
// starting the session
include("dbconnect.php");
$email = $_SESSION['email'];
$password = $_SESSION['password'];
$currentsid = $_SESSION['session_id'];
$sql = mysql_query("SELECT * FROM timer WHERE email='$email' AND pass='$password'");
$dbsid = mysql_result($sql, 0,'sid');
echo("Welcome ". "$dbsid" . "<br><br>");
if($_SESSION['loggedin'] != true and $currentsid != $dbsid)
{
session_destroy();
header("Location: http://www.hijazionline.com/php/login.php");
exit;
}
else
{
echo("Welcome ". $_SESSION['email'] . "<br><br>");
echo($_SESSION['session_id'] . "<br><br>");
echo($_SESSION['password'] . "<br><br>");
echo("Welcome ". "$currentsid" . "<br><br>");
}
?>
