Ooooh, it's a lesson every day! Right, back to the drawing board :(
Justin French [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
on 08/09/02 5:04 AM, M1tch ([EMAIL PROTECTED]) wrote:
Why not just use IP?
I created a nice system, whereby if your IP is
Just out of curiosity, do you know if any part (e.g. x1.x2.x3.x4) of the IP
remains static when AOL changes it? Even if it's only the first part, that's
better than nothing.
I'm having a headache now, because I'm already behind schedule, and this has
just thrown a spanner in the works :( (but
Nope, have no idea... I've just allways been told (and adhered to) the rule
that you don't trust anything client side, which would include IP address'.
Even if you could get it working for AOL, what about some other ISP located
in Australia, South Africa, or anywhere else on the planet that
PROTECTED]
Subject: [PHP] Re: Proposal for securing PHP sessions
Why not just use IP?
I created a nice system, whereby if your IP is changed (or someone is
hacking your session), the session is destroyed, and the user must log in.
Does not add much overhead either.
Also, I built it using
] Re: Proposal for securing PHP sessions
You're going to be shutting out a lot of AOL users (bah! who needs em! ;p)
if you do that, as AOL changes a user's IP address about as often as you
read the word the...
Dave
-Original Message-
From: M1tch [mailto:[EMAIL PROTECTED]]
Sent
07, 2002 12:05 PM
To: [EMAIL PROTECTED]
Subject: [PHP] Re: Proposal for securing PHP sessions
Why not just use IP?
I created a nice system, whereby if your IP is changed (or someone is
hacking your session), the session is destroyed, and the user must log in.
Does not add much overhead either
on 08/09/02 5:04 AM, M1tch ([EMAIL PROTECTED]) wrote:
Why not just use IP?
I created a nice system, whereby if your IP is changed (or someone is
hacking your session), the session is destroyed, and the user must log in.
Does not add much overhead either.
large ISPs like AOL use variable IPs
7 matches
Mail list logo