how to prevent user from using multiple browsers a

Published 2020-08-01 07:01

Question:

I have a login system on my site, and users have to pay to use it. As they have to pay, I am afraid that one user may share his username and password with other users. So I have to set up my login system in such a way that no user can use more than one browser at a time. But they can change the browser from time to time (not at the same time, but at different periods of the day). How can I implement that in PHP? Any ideas?

Answer 1:

Use a helper JavaScript preloader to collect non-personal browser information and generate a hash from login time/account/IP/browser info.

Check on the server side that no more than one hash is active per user account at a time, and force logout of the former ones if that happens. Use another client-side JavaScript to periodically ping the server, check hash uniqueness, and seamlessly re-login legitimate users for the "dynamic IP" use case.

Thus if a user shares his account with another user, they will keep constantly "kicking" each other out of the site until annoyed enough to pay for a second account.



Answer 2:

You could generate a token/hash from their session ID whenever they log in. Add this token as a cookie value and then store it in the database. If the user is logged in and their cookie value doesn't match the value stored in the database, then they've probably logged in somewhere else.
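The token check described in this answer, sketched as an added example that is not part of the original answer. It assumes PHP 7.3+ with the pdo_sqlite extension; the `users` table, the `active_token_hash` column and the function names are hypothetical, and it uses a random token (stored only as a SHA-256 hash) instead of one derived from the session ID.

```php
<?php
declare(strict_types=1);

// Constructed schema: one row per account, holding the hash of the
// single token that is currently allowed to act for that account.
function makeDb(): PDO {
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, active_token_hash TEXT)');
    $pdo->exec('INSERT INTO users (id) VALUES (1)');
    return $pdo;
}

// Call after the password check succeeds. Overwriting the stored hash
// is what invalidates any browser that logged in earlier.
function startSession(PDO $pdo, int $userId): string {
    $token = bin2hex(random_bytes(32));
    $stmt = $pdo->prepare('UPDATE users SET active_token_hash = ? WHERE id = ?');
    $stmt->execute([hash('sha256', $token), $userId]);
    // In a real page, send it to the browser here, e.g.
    // setcookie('login_token', $token, ['httponly' => true, 'secure' => true]);
    return $token;
}

// Call on every authenticated request with the cookie value.
function isCurrentSession(PDO $pdo, int $userId, ?string $cookieToken): bool {
    if ($cookieToken === null || $cookieToken === '') {
        return false;
    }
    $stmt = $pdo->prepare('SELECT active_token_hash FROM users WHERE id = ?');
    $stmt->execute([$userId]);
    $stored = $stmt->fetchColumn();
    // fetchColumn() gives false for a missing row and null for a NULL column.
    if (!is_string($stored)) {
        return false;
    }
    return hash_equals($stored, hash('sha256', $cookieToken));
}

// Constructed scenario: the same account logs in from two browsers.
$pdo = makeDb();
$browserA = startSession($pdo, 1);
$browserB = startSession($pdo, 1);
var_dump(isCurrentSession($pdo, 1, $browserA)); // earlier browser
var_dump(isCurrentSession($pdo, 1, $browserB)); // latest browser
```

When `isCurrentSession()` returns false, destroy the PHP session and send the request to the login page; logout should set the column back to NULL so an old cookie cannot be reused.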



Answer 3:

Detect his IP and on every change make him add the computer (like Steam does it) and set a flag with the last access date. On each action he makes, update the field (like an online system); if no activity is present in 10 minutes from other 'computers', he is accessing only 1. You can't prevent this because people can be ignorant; even if you make them enter sensible data to make them more sceptical about giving out their credentials, it is futile...



Answer 4:

The only way that comes to my mind is to keep a flag (a table column) in the database once the user has logged in. So if he tries to log in again, you will check if the flag is set. If it is set, then you can give an error. And remember to reset that flag once the user has logged out.



Answer 5:

Try checking the IP, or use 2-factor authentication.

(for example, require the user to click a link in his e-mail to log in)