Posted by walterbyrd on 08/07/06 11:55

Benjamin Esham wrote:
> walterbyrd wrote:
>
> > I am working on a timecard app. When somebody logs in, it stamps his/her
> > time.
> >
> > Problem is, I have to make sure that somebody is not logging in from a
> > remote site. I want all the logins from one particular, on site, system.
> >
> > The app is part of another system, which is ran online. It's not a local
> > intranet, or anything.
> >
> > I am wondering if there is something unique I can create on the on-site
> > system, which can be checked form the remote system, to insure the
> > employee logs into *that* system.
>
> http://us3.php.net/reserved.variables
>
> Take a look at REMOTE_ADDR and REMOTE_HOST.
>

I don't think that would be helpful for me. I need the server to verify
a particular client. That client is behind a NAT, and the client
address is set by DHCP, also the client IP address is very generic,
i.e. 192.168.1.x.

I need the server to check the client for something unique. Maybe a
machine address, or a special hidden file.

I am sure this can be done. Although maybe not from PHP. There are
companies that have web-time-cards. I think the commercial
web-time-card apps, may be initiated from a app on the client side. The
desktop app then connects to the server.

[Back to original message]