Avoiding multiple logins to an account from different locations

Question

I want to restrict multiple logins of the same user from different locations. How can I identify a user\'s multiple logins from different locations in the same/recent times?

Answer 1

I would resolve something like that by making in user table, a activeKey column. Everytime user is logging in the activeKey is changed ( simple way subchar(md5(time().$username), 0, 16)), and and store it in session. Every time the webpage is refreshed/entered key would be checked. If dosn't match then logout with info. On correct logout key would be set to NULL, so when it could give a flag.

This metod could be combined with IP address, but only IP address could be cheated, same with MAC, and so on.

That is a main idea. There could be additional data like last login date, IP last login date, and so on.