Summary: Only allow 1 login at the same time for a username
Version: 1.4
Prerequisites: AuthUser, PHP5 or PMWCompat if you use and older version of PHP
Status: working
Maintainer: & Sven
Categories: Security
Discussion: OnlyOneLogin-Talk?

Questions answered by this recipe

How come I can logon in FireFox and Internet Explorer at the same time with the same login name?

Can I prevent two people logging in at the same time using the same login name?


When using AuthUser a person can login as many times as they want from different computers and browsers. This recipe will change this so that when someone logs in anyone else with the same user name will be logged out. This gives users incentive to not share their login data with others.


If you are not using PHP version 5 or newer you will need to install recipe PMWCompat.

There are 3 steps to installing OnlyOneLogin.

Step 1

Create a directory named "userlock" on the same level as you wiki.d directory.


Create a page named "Site.LoginSuperseded".

Step 3

Copy OnlyOneLogin.phpΔ to your cookbook directory.
Place this AFTER inclusion of AuthUser !
Inclusion in your config.php:
or in your farmconfig.php enter:


Use "require" and not "include" - this will deny any access if the security check fails due to server problems. Do not user "require_once" because someone might capture it's Redirect() and make it void. Better check once too often than once too less.

Release Notes

  • Version 1.4 - Changed page name from YourSessionHasBeenSuperseded to LoginSuperseded
  • Version 1.3 - added "if (!defined('PmWiki')) exit();"
  • Version 1.2: Initial Release

See Also


 created and maintains recipe

Sven created initial code


See Discussion at OnlyOneLogin-Talk?

User notes? : If you use, used or reviewed this recipe, you can add your name. These statistics appear in the Cookbook listings and will help newcomers browsing through the wiki.