How to prevent multiple logins in PHP website

Question

I want to prevent multiple logins in a php application.

First, I create login status (active, notactive) in a user table.

When user A logs in the user status

Answer 1

This solution is similar to prograhammer's, but doesn't require you to mess around with switching sessions. It doesn't require you to access the database on every page and doesn't lock out the user after they failed to log out.

Add a field for sessionID to your user table in the database.

Set the default session handler before calling session_start() (needed for the next line of code to work):

session_set_save_handler(new \SessionHandler());

On every successful login, retrieve the stored $sessionID from the database. Destroy the old session with:

(new \SessionHandler())->destroy($sessionID);

Get the new session ID with:

$sessionID = session_id();

Store the new session ID to the database.