The article was last updated on August 24th 2016.
“- Hi! I have just purchased a subscription for the "..." course? Remember I told you about it? I will send you the username and password by email and we will study at the same time, you won’t need to pay, isn’t that great??? (Max)
- Hi! Yes, that’s just great, please send it to me! I would also like to invite two more friends to study with us, could I send the access details to them? (Nelly)
- Sure, you can invite whoever you like, we will all study together!” (Max)
This example of a possible dialogue between JoomlaLMS system users was provided on purpose. It exposes the risk every company that decided to organize paid courses using JoomlaLMS has. For example a user logs in to the site, notices a course that he/she likes and purchases it. After the purchase the user receives the username and password to access the learning materials. Besides obvious profit from the course selling there is a strong probability that the company will suffer significant damages. It will happen if the user who purchased the course will share the access details with friends and acquaintances. Everyone who receives free course access can enter LMS and study whenever they like. It is obvious that the company loses potential customers. But this is only one part of the problem. There is another one.
The server load will grow significantly as a lot of users will log in at the same time. It is possible that the server will have to be upgraded in order to ensure comfortable working conditions for users. And this will have to be done at the company's expense.
This problem can be solved. Course users enter the site not via JoomlaLMS but via Joomla! CMS system and here the solution of this issue was found.
There is a great Joomla! CMS plugin OnlyOnce! that prohibits multiple login to Joomla! CMS site using the same username and password. This plugin turned out to be a great solution for the above described problem. It works correctly with JoomlaLMS and doesn’t require any additional expenses as it is distributed for free. It’s only necessary to simply install and configure the plugin.
You can configure the plugin to work for a certain Joomla usergroup only, for example we will configure it to work for all registered users, see image 1.
Image 1. The OnlyOnce! plugin settings
The plugin works rather simply. A user logs in to the site and a new work session begins that can have a certain duration specified in site system settings, eg. 15 minutes. If another user tries to log in using the same username and password in this period of time from another workplace (with another IP address) the plugin will show an error message that user session with these username and password is already created and will ask to wait for the session completion. After 15 minutes a user will be able to log in to the system from another workplace and the data of the previous work session will be deleted from the database.
What will the dialogue between our characters be like if we installed and enabled the plugin?
“- Hi, it’s Nelly! I tried to log in to the site using the access details you sent to enter the course. I didn’t manage to do that, please check the error message I got (see image 2). (Nelly)
- Hi, what a pity, perhaps it’s not possible to study at the same time, maybe you should purchase the course subscription…(Max)
-Yes, I think I will as I wish to take this course so much.”(Nelly)
Image 2. The OnlyOnce! plugin error message shown upon multiple login attempt
So we have partially solved the problem and protected our courses from the simultaneous entering of a large number of users. To raise the security level we can also recommend setting time limits for taking the course or the limited number of attempts for taking the course for each new user. Good luck!