Yup, AOL's proxy servers do this.

Justin Garrett

"Joseph Szobody" <[EMAIL PROTECTED]> wrote in message
In a portion of a website, I have implemented user authentication and
management using sessions. When a user first logs in, the $REMOTE_ADDR is
stored is a session variable SESSION['ip']. On each of the protected pages,
a header.php is included with the following code:

if ($SESSION['ip'] != $REMOTE_ADDR){
  header("Location: error.php?err=2");

As you can see, this is an attempt to see if someone is trying to hijack a
session. The problem is, AOL doesn't like this. Whenever an AOL user logs
into the website, the session starts successfully, but when the user goes to
a protected page, he's redirected to error.php?err=2. For some reason, the
IP address appears to be changing.

Is this a known issue with AOL? Is the IP really changing from page to page?
That seems weird. Any way around this, or must I stop using this security


: Joseph Szobody :
"Computers are like airconditioners: They stop working properly if you open

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to