I have a problem here that I think might be easy to solve, but I'm having trouble.
I'm having trouble controlling access to a site that is paid for okay, so the user signs up and has access to the site, OK.
The problem is that it can pass the password to a friend and both will use the site, so I tried to first identify the IP of the machine but I had problems with it because the IP ends up changing in some situations I do not know why (as in cell phone using 3G for example).
This Token is saved in the Database and also saved on the user's PC (cookie) and the site always checks before opening any page if the Token saved in the database is the same as the PC (cookie) and if it is (another person trying to access from another location) it blocks access by needing to 'reset' the access and to enter again, that is, after 'reset' the access it will be able to enter, but only the 1st one that logs in, because the other when try to change the page the site will see that the Token is different (since a new Token was generated) and blocks it ... well, it works well and causes the person not to pass his password since he will not be able to use the site to the same time with other people.
Now I have 1 problem, if the person 1 (holder) access the site and open a video for example, after opening it can notify person 2 to log in resetting access, even if person 1 is' irregular 'the site only realizes this when it tries to change page, but if the video has 1 hour it will watch quietly until it finishes and thus can do that combined' trambique 'without problem for both to access the content of the site.
WHAT DO I WANT? I have a PHP code that takes the Token saved in the database and compares with the saved Token on the PC and if it does not hit it performs a redirect to the ERROR page due to the multiple login.
I wanted this page (or script since it is a small code) to be executed frequently without giving refresh, every 5 seconds for example, so when a second user logged in, even if the first one was there to stop moving page the site would identify the crash and take it down on time.
But how to run a PHP script like this without refreshing the page?
The script I want to run would look like this:
$sqlToken = mysql_query("SELECT * FROM ead WHERE login = '$cpf' AND senha = '$senha'");
while($linhaToken = mysql_fetch_array($sqlToken)){
$ipToken = $linhaToken['ip'];
}
<!--ATE AQUI EU FIZ A CONEXAO E PEGUEI O IP SALVO NO BANCO-->
$ipCookie = $_COOKIE["tokenAcesso"];
<!--AQUI EU PEGUEI O IP SALVO NO PC/MOBILE PELO COOKIE-->
if($ipToken != $ipCookie){
<!--AQUI VEJO SE ESTAO BATENDO-->
<!--SE NAO BATER EU LOJO PARA A PÁGINA DO ERRO-->
echo "<meta HTTP-EQUIV='Refresh' CONTENT='0;URL=multiLogin.php'>";Now I needed to run this script frequently, every 5 seconds or so to always be checking if there was any irregularity as someone logging into the site at the same time (if this is done the bank Token will change and consequently this person who was already using the site will be knocked over by this script because the Token of your Cookie will be different from the NEW TOKEN that was saved in the bank understood?).
I look forward to returning, thank you.