- This topic has 9 replies, 3 voices, and was last updated 11 years ago by
.
-
Posts
-
Disable simultaneous login not working as expected.
Without this being checked a user can log in and log out freely. He/she can also sign in using 5 browsers at the same time. To protect content I am using “Disable simultaneous login”.
Once I check “disable simultaneous login”, it rightly prevents access using another browser or platform. HOWEVER, it creates several problems:
1. If the user logs out and then tries to login again on the same device he can’t log back in again (just jumps to Home page). Doesn’t matter which browser, the user is effectively locked out;
2. Equally if the user is watching on a desktop (e.g. at work) and then logs out and wants to watch on a tablet (e.g. on the journey home) he/she can’t log in. So the lock-out carries across platforms/devices.
3. I don’t think it is browser related as other members can log in using the same browser/same session, same browser/different session, different browsers. So it may be a setting within the eMember files. However once those other members log out, they too can’t login again.
4. Finally it appears that the “lock out” clears itself after 60minutes and the users can log in. However once they log out, they can’t get back in again for another 60 minutes.
So I think I have three questions:
A Is it possible to make it so that a person can log out and back in again without waiting an hour? If a member changes their device or logs out to make a cup of tea, I want them to be able to log back in again immediately.
B does this mean the simultaneous login prevention is based on “time since last login” rather than “is this user already logged in?” If the former, does that mean if a person is paying to watch a live event, another person CAN actually use the same login details, IF they wait more than an hour?
C Finally when the logged in user is denied access, he/she is just returned to the home page of the site. Is it possible to generate an error message as to why they’ve been denied access?
I’m using V8.8.6 of eMember and will be integrating it with eStore once I’m a bit more up the learning curve.
Thanks in advance for your help.
I think the reason for why they *can* log back in is the “Logout the Member After XX Minutes” default is 60 minutes.
Are you using a caching plugin? If so, do you have it set to ignore the eMember_in_use cookie?
https://support.tipsandtricks-hq.com/forums/topic/using-the-plugins-with-w3-total-cache-plugin
Thanks. As far as I am aware, I am not using any caching plugin. Should I be?
I have the “logout member after xx minutes of inactivity” set to 5 minutes, but it seems to ignore this.
SO, is it possible to make it so that the cookie is cleared when a person ends their browsing session? Would that fix the problem? It is not good that they can’t login for 60 minutes if they are paying for access to watch a live stream.
Thanks.
Thanks. As far as I am aware, I am not using any caching plugin. Should I be?
Don’t add one, unless you think you need one; and only after this issue is resolved.
I have the “logout member after xx minutes of inactivity” set to 5 minutes, but it seems to ignore this.
@admin may want to examine your system. He will address this, later today.
@John, We don’t do any *lock out* in eMember. Are you using any security plugin where this temporary *lockout* is being applied?
For example: If you were using our security plugin and enabled the lockout option it would show the behavior you are explain:
http://wordpress.org/plugins/all-in-one-wp-security-and-firewall/
Are you using any plugin like that?
Hello, Thanks for your reply. Sorry for the delay with the weekend and Bank Holiday here. No I’m not using any other plugins except Contact Form 7,eStore and eMember.
The problem seems to be very specifically linked to the “disable simultaneous login” function. If that option is NOT selected in my settings I can login/logout and login again across different machines and platforms. No problem.
As soon as that option IS selected I can login. If I close the browser and reload it, it remembers I am logged in ok. If I try to login from another device it also knows not to let me.
But the problem is that if I select “Logout” then it won’t let me login again (on any device/platform) for 60 minutes. It is like when the person clicks on “logout” it doesn’t clear the cookie/timer or whatever. It doesn’t matter which browser/device – the lock out is for 60 minutes.
If I am charging for access to premium content then the user needs to be able to login/logout at will. I’m sure this is a really small setting somewhere or one line of code, but any assistance would be much appreciated.
Out of curiosity I selected “forgotten password” and let the system send me a new password just to see if that made any difference – and it didn’t.
Thanks for your help.
Also, I am not sure if it is relevant or not, but when I installed/activated eStore and eMember, I got the advisory message below for eMember:
Emember:
The plugin generated 197 characters of unexpected output during activation. If you notice “headers already sent” messages, problems with syndication feeds or other issues, try deactivating or removing this plugin.
I wasn’t expecting any errors, so I copied and saved the text. Not sure if this helps.
Thanks
John
Hi John, The source of the issue could be the “disable simultaneous login” feature. So do one test for me so I know for sure as to where I should focus my investigation.
Turn off the “disable simultaneous login” feature from the settings. Do you see any issue after that?
Hello, my apologies for not replying sooner. Unfortunately my brother-in-law died last week so I have not been using the PC for a week.
Yes, the simultaneous login seems to be involved. Without it there is no problem.
With it activated, it prevents anybody else using the login details, but it ALSO prevents even the registered user from logging in again until an hour has passed.
Maybe it needs a line to say “if a user has logged out, then allow another login right away”.
Thanks for your help.
- You must be logged in to reply to this topic.