Reply to Re: Is PHP session safe? — PHP Programming Language

Posted by max.schulze@googlemail.com on 06/13/07 13:23

On Jun 12, 11:05 pm, Jerry Stuckle <jstuck...@attglobal.net> wrote:
> howa wrote:
> >> And what do you do when the IP address can change with every request -
> >> for instance, AOL users and some corporations?
>
> > Hi,
>
> > You made a very good point, never thought of IP address can change
> > with every request...
>
> > How about only rely on the first 3 part, e.g. 202.92.94.xxx (drop the
> > last part) ?
>
> No guarantee there, either - although I don't see why it should change,
> you're also losing a main security feature. Just figure that IP
> addresses are not reliable security indicators.
>
> --
> ==================
> Remove the "x" from my email address
> Jerry Stuckle
> JDS Computer Training Corp.
> jstuck...@attglobal.net
> ==================

Maybe you can do that with AJAX
What about chaning the session_id on every request?

Or check if 2 Users with the same ip are logged in?

[Back to original message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация