Limit client to visit a website with 1 tab and 1 browser? [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.

---

Want to improve this question? Update the question so it focuses on one problem only by editing this post.

开发者_JS百科

Closed last year.

Improve this question

I would like to do something like play.clubpenguin.com.

What it does is that, when you visit the site, maybe using firefox or IE, if you opened a new tab or use other browser, when you visit that site again, it will show something like: "Please close the other browser that opened this page" or something like that.

How to do this? (Its client's request)

More information: The site is Flash site

EDIT:

Ok, i think this is a tough question, well, in general, Can this be done using php, mysql and JS?

---

Each time you serve the flash page to the user, generate a random token. Embed this token somewhere in the page, for example as a flashVar. Also, store the most recently generated token in the user's session.

Whenever the flash posts something back to the server, post the token as well. If the token does not match the token stored in the session, reject the post.

That way, only the most recently generated version of the page will have the ability to communicate with the server and if the user opens multiple versions of the page only the most recent will work.

This technique should work even if the user opens extra browsers on other machines. It doesn't use IP addresses to establish identity. And there is no chance that a user will somehow be 'locked out' permanently because every time they open the page again you reset the stored token.

It's a similar idea to the way some frameworks insert a validation token into forms to prevent Cross-site Request Forgery attacks.

---

try using the below code:

    window.onload = function(){
    if (document.cookie.indexOf("_instance=true") === -1) {
    document.cookie = "_instance=true";
    // Set the onunload function
    window.onunload = function(){
        document.cookie ="_instance=true;expires=Thu, 01-Jan-1970 00:00:01 GMT";
    };
    // Load the application
    }
    else {
    // Notify the user
    }
    };

The code will restrict the user to open one browser tab at a time and during browser refresh(current tab) the code will not show any alert. Copy pasting the same URL in new tab will not be allowed the user to open. for more info try this

---

If you want to forbid access with 2 different logins, you can enforce a rule that lock on a given resource.

The client IP could be one of this lockable ressource: only one session allowed for one given IP address. That would reduce the cheating to people that have multiple public IP addresses. People that shares public IP through proxy would have problem.

I don't see what other lockable resource you can use easily.

---

A few options spring to mind...

1. When they first open the site, you'd need to store the user's current state in a cookie or similar, which you'd check for every time you open the site. If the state is Active, then it means they have another window open. The problem in ensuring that the state is cleared when they leave the original site window - you'd need to listen for the window.onunload event, and clear the state at that point - but you can't 100% guarantee this will happen.
2. Otherwise, you could place a script on the site which pings a server script every n seconds, notifying the server there is a window open for that client, and prevent new windows being opened until there is a lapse in pings.
3. To get more complex, you could maintain a persistent connection between the server and client (via sockets or similar), which would keep note of the same. Less calls from the client, a bit more complex to set up. See http://www.kirupa.com/developer/flash8/php5sockets_flash8.htm for basic info on flash + sockets.
4. Given you're working with Flash, you could look into Local Shared Objects (flash cookies) to store the state. Still possible to miss the unload event, but at least the cookie is persisted across all browser sessions and browser types.

Option 3 is the best IMHO.

---

Solution:

Response your clients request with a NO, because you are the webdesign guru that knows what's the best for the client's visitors. the website doens't have to appeal to your client but the client's visitors. and when they are limited so hard on their own computers they are everything but satisfied.