Re: [PHP] Session Theft

[Marek Kilimajer]

You can give the users the oportunity to turn ip check on (a checkbox in 
the login form). There is also a header that is set by many proxies to 
the ip address of the client, but I don't remember its name (maybe 
(X-)Forwarded-For)

Haseeb Iqbal wrote:

i just want to figure out a way by which i can stop session theft.i thought
if i can get something from user end that is unique for that user.for e.g.
his/her IP .but it will not work when they are behind firewall.they will be
assigned same IP.is there a way for me to get the IP (e.g.202.202.202.202
thats just an e.g. ) plus computer ip(192.168.0.1 e.g.) i saw once a java
chat server do this.if we can do this then it will help us (SOMEWHAT).
if anyone has better suggestion just let me know
Haseeb
 



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php