IP address is not an effective solution. Anyone can use a 2nd browser on the same machine. Also, if for a company with 1000 machine behind the firewall, they all get one and the same IP address outside the firewall.
"Kevin Stone" <[EMAIL PROTECTED]> wrote in message 00a701c2bcdd$316349a0$6601a8c0@kevin">news:00a701c2bcdd$316349a0$6601a8c0@kevin... > You can never fully rely on any information given to you by the browser. > You can't rely it being accurate or even being there at all. What I suggest > to you is code a solution around the IP address. The IP address of course, > like any information coming from the client, can be tampered with but more > than likely it's not going to change while the user is browsing your > website. Right? So you just use it as a temporary ID. Log the IP to the > database, track the IP's movements on your website, log those actions to a > database. That's the best way to do it without having to force the user to > login. If you're concerned about people browsing from network IP then code > a solution using Sessions and track the session id. And finally if you need > to know that a client has 'returned' to your website set a cookie on their > computer. I'm sure you'll find ways to elaborate from there. You can do > all of this without requiring the user to "login". > -Kevin > > ----- Original Message ----- > From: "Scott Fletcher" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, January 15, 2003 2:07 PM > Subject: Re: [PHP] HTTP_REFERER work without a problem.... > > > > It's not a PHP bug. Many PHP programmer tried to their best to use > > HTTP_REFERER so they can keep track of which webpages on the current > website > > did the user last visited. That way, they can keep out the unauthorized > > access to the website without first logging in to the website. > > > > Well, my company's website use both SSL and Session ID. They are good for > > starter but they aren't any secure if anyone can make a direct access > > without logging in. That's where I use HTTP_REFERER to see what last page > > did he or she visited, if the last page being visited is outside of my > > company's website then php moved the end user to the login page. It is > > pretty effective. > > > > The common problem with the browsers is that they aren't compactible so > > HTTP_REFERER don't alway work right and sometime return a blank if those > > three are being used. I had been observing it for a few years. Those > three > > are 1) HierMenus, 2) location.replace('') and 3) location.href=''. When > > either one of these are in use, some browsers return with a blank in > > HTTP_REFERER. > > > > Cheers.... > > > > "Chris Shiflett" <[EMAIL PROTECTED]> wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > --- Scott Fletcher <[EMAIL PROTECTED]> wrote: > > > > Here's what I found so interesting.... > > > > > > > > This code, $_SERVER['HTTP_REFERER'] have worked without a > > > > problem when I use the latest Mozilla build. It even work > > > > with the HierMenus, > > > location.replace('http://whatever.com'), > > > > and location.href = http://whatever.com... > > > > > > > > This is a good news for PHP everywhere. > > > > > > > > Unfortunately, Internet Explorer still have this > > > > bug....... > > > > > > What bug is that? > > > > > > Is there a question here somewhere? I think I am having a > > > hard time interpreting it. > > > > > > Chris > > > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php