I want to do My cgi application access only one user at a time.

Not sure I understand your rationale. CGI by nature is stateless, meaning in this context that N-number of concurrent connections each capable of logging into your application at the same time. Why you'd want to even try to limit to one user at a time does not make sense to me, but I'll bite.

First off you need to find some way of implementing a sense of state in your application, in spite of the fact I just said CGI is stateless by nature. One way of doing that is through the use of session ids and cookies. (I prefer shortbread, but I digress)

You need to track the session ids somehow and associate those session ids with a userid. Looks like you've attempted to do so given the code you have posted in your original posting. But there's more to the task, you've only just begun.

You may want to use a database for some function of database. I doesn't have to be a relational database such as MySQL, PostgreSQL, Sybase, Oracal, et. al. It can be as uncomplicated as a file in /tmp or /usr/tmp (assuming some form of *nix) where you write the userids and session ids. I'd add one more field to that, last access time/date.

The recorded time/date gives you the means of tracking when the user last took a trip through your application. If for each CGI transaction you update that time and date you can also calculate the last time they were seen in the application. If, for instance, they haven't accessed the application in four hours (you can set that threshold lower or higher) you can then automagically log them out and terminate their session. Banks and other financial institutions do that all the time as a security measure.

I've given you the theory... I'll let you skull out the code. If you can't get it to work, post what you've tried (a bit more detail than what you've got) and we'll look at it for you.

Don't forget to try out some of the wonderful Tutorials we have on this website. They may give you more insight into what you are trying to accomplish.

if( firstToLogIn(...) ){
   youTheBossNow(...)
} else {
   soSorryOnlyOnePegInHole(...);
}
[download]

Hi,

Thanks for reply. I am not understood, your code, could u please little be elaborate?

There is not a lot to it. What part of it is confusing?

• The if statement? See if
• The condition? That's just a flag that gives true if there are no other users logged in. Count the active logins to see what it should return.
• Printing a normal page? Presumably you already do this.
• Printing an error page? This is the same as a normal page, but with a different message.

The problem here is that HTTP is a completely stateless protocol.   Someone can close their browser or completely turn-off their machine, or a cosmic-ray can go zipping through some circuit-board somewhere, or anything at all can happen such that “the user is now gone,” and there is nothing in this world that will tell you that this has occurred.   A user’s browser could crash, for any reason or for no reason at all, and now that user is locked out of your application.