> >Very good: keep the thing on a secure connection all the time, set a
> >session id cookie and keep all user info (possibly including
> >remote ip) in the server's session db... (vulnerable to nothing I can
> think of at the moment...)
>
> Wow, I never thought of using the remote IP! Thanks for the tip. I
> am going to use it today for an authentication system I'm building.
Careful. This will die in the butt if the client comes in from an ISP
using load-balancing proxy servers.
Jason
--
Jason Murray
[EMAIL PROTECTED]
Web Design Team, Melbourne IT
Fetch the comfy chair!
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
