Hi PHP heads, I have question
regarding $REMOTE_ADDRes consistency. I am developing
a custom session library and I need a way to uniquely
identify each http client. Hasn’t this has
been a never-ending struggle for web developers? Anyways, I’m
using the variables $HTTP_USER_AGENT and $HTTP_ACCEPT_ENCODING to help create
the session hash and am now considering putting $REMOTE_ADDR into the pot. I know
that there are problems with $REMOTE_ADDR, like proxies and NATs,
BUT I WAS WONDERING, and now here comes my question, do the first two subnets
of an IP address (i.e. 204.57.x.x) typically stay the same, so that they could
be relied upon for general authenticity? By grepping
through the access logs this appears to be true. Ok
and don’t tell me, “Why don’t you
just use cookies?” Because we must support non-cookie clients and cookies
are not as authentic as ip addresses. Thank you for
your brilliant insights to this question. Nathan Cassano ContractJobHunter Web Developer |