Please post your script so we can see what is going on and possibly offer some advice
I can't tell if this is an option for you, but you might consider using global fields, which are unique to each user - this way users shouldn't see field content from other users. The better approach would be a Session table though:
I use a custom login script as well - I have a dedicated Session Table for that purpose. Basically during login the script checks if there is an open session for that user and if so that record is used. Otherwise a new session is created. When the file is closed another script closes all open sessions of the current user (there should only be one anyway) . The same thing happens if the user explicitly logs out. The open/closed option is just a number field flagged with 1 or 0 (true/false).
That way I can see all logins and logouts with date, time, client and so on. Due to the fact that every user has their own session records, locking isn't an issue.
I agree with thirdsun... use global fields and/or global variables. Make sure your login script is only reading data or creating new records to avoid record locking. Or adapt your script to figure out what it needs to do if it wants to modify a record that is already record locked.