How can PHP developers prevent users from sharing their login credentials and logging in multiple times simultaneously?
To prevent users from sharing their login credentials and logging in multiple times simultaneously, PHP developers can implement a session management system that tracks active user sessions. This can be achieved by generating a unique session ID upon successful login and storing it in a database along with the user's ID. When a user tries to log in with the same credentials while an active session already exists, the system can invalidate the previous session and generate a new one.
```php
<?php
// Start the session
session_start();

// Check if the user is already logged in
if (isset($_SESSION['user_id'])) {
    // Handle the case where the user is already logged in
    // For example, redirect the user to a dashboard page
    header("Location: dashboard.php");
    exit;
}

// Validate user credentials and log in
// Assuming $user_id is fetched from the database upon successful login
$user_id = 123;

// Check if the user has an active session
if ($existing_session_id = checkExistingSession($user_id)) {
    // Invalidate the existing session by removing its ID from the database.
    // session_destroy() is not called here: it would destroy the session of the
    // browser that is logging in now, not the older session on the other device.
    removeSession($existing_session_id);
}

// Issue a fresh PHP session ID at login so a pre-set ID cannot be reused (session fixation)
session_regenerate_id(true);

// Generate a new session ID
$new_session_id = generateSessionId();

// Store the new session ID in the database
storeSession($user_id, $new_session_id);

// Set the session variables.
// Protected pages must compare $_SESSION['session_id'] with the stored value on
// every request; otherwise the older session keeps working.
$_SESSION['user_id'] = $user_id;
$_SESSION['session_id'] = $new_session_id;

// Redirect the user to a dashboard page
header("Location: dashboard.php");
exit;

// Function to check if the user has an existing session
function checkExistingSession($user_id) {
    // Implement your logic to check if the user has an existing session
    // Return the existing session ID if found, or false otherwise
    return false;
}

// Function to generate a new session ID
function generateSessionId() {
    // uniqid() is derived from the current time and is predictable,
    // so use the CSPRNG for a value that acts as a credential
    return bin2hex(random_bytes(32));
}

// Function to store the session in the database
function storeSession($user_id, $session_id) {
    // Implement your logic to store the session in the database
}

// Function to remove the session from the database
function removeSession($session_id) {
    // Implement your logic to remove the session from the database
}
```
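The login code above records one session ID per user, but the older session is only cut off if every protected page compares its own ID with the stored one. The following added example (not code from the original page) shows that check end to end; the `user_sessions` table, the functions `registerLogin` and `isSessionCurrent`, `login.php`, storing a SHA-256 hash of the ID, and the in-memory SQLite database via PDO are all assumptions, and the two arrays stand in for each browser's `$_SESSION`.

```php
<?php
// Added example. Assumes the pdo_sqlite extension; table and function names are hypothetical.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// One row per user: the PRIMARY KEY guarantees a single active session.
$pdo->exec('CREATE TABLE user_sessions (user_id INTEGER PRIMARY KEY, token_hash TEXT NOT NULL)');

// Called after credentials are verified. Replaces any previous ID stored for the user.
function registerLogin(PDO $pdo, int $userId): string
{
    $token = bin2hex(random_bytes(32));
    // Only a hash is stored, so a leaked table does not expose usable session IDs.
    $stmt = $pdo->prepare('REPLACE INTO user_sessions (user_id, token_hash) VALUES (?, ?)');
    $stmt->execute([$userId, hash('sha256', $token)]);
    return $token;
}

// Called at the top of every protected page with that browser's session data.
function isSessionCurrent(PDO $pdo, array $session): bool
{
    if (!isset($session['user_id'], $session['session_id'])) {
        return false;
    }
    $stmt = $pdo->prepare('SELECT token_hash FROM user_sessions WHERE user_id = ?');
    $stmt->execute([$session['user_id']]);
    $stored = $stmt->fetchColumn(); // false when the user has no active session
    return is_string($stored)
        && hash_equals($stored, hash('sha256', (string) $session['session_id']));
}

// Constructed scenario: two browsers log in with the same account (user 123).
$browserA = ['user_id' => 123, 'session_id' => registerLogin($pdo, 123)];
var_dump(isSessionCurrent($pdo, $browserA)); // A holds the active session

$browserB = ['user_id' => 123, 'session_id' => registerLogin($pdo, 123)];
var_dump(isSessionCurrent($pdo, $browserB)); // B's login replaced the stored ID
var_dump(isSessionCurrent($pdo, $browserA)); // A no longer matches and must log in again

// In a real page the array is $_SESSION, and a failed check ends that session:
// if (!isSessionCurrent($pdo, $_SESSION)) {
//     session_unset(); session_destroy(); header('Location: login.php'); exit;
// }
```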