jblack Posted January 10, 2007 Share Posted January 10, 2007 Ok, so I want to know how I would use a person's recorded IP address with $REMOTE_ADDR to authenticate in cooperation with sessions. I know how to insert data and update with php into Mysql databases, but how would I auth people based on their IP recorded in the database? Link to comment Share on other sites More sharing options...
MrAdam Posted January 10, 2007 Share Posted January 10, 2007 if you want to simply, compare the two to ensure you have the right person: save the IP in the database, when they register or something, then use a select statment to verify it's the same.you can then save that in a session - and as the user cannot modify the sessions themselves, it's secure enough to compare in the future - saving time. Link to comment Share on other sites More sharing options...
jesh Posted January 10, 2007 Share Posted January 10, 2007 Keep in mind that IP addresses can change if a person is assigned a dynamic IP address each time s/he connects to the Internet or a person uses a different computer to access the site (e.g. home vs. work). Also keep in mind that many organizations are behind proxy servers where all computers in that network share a single external IP address to the Internet. In those instances, you may see multiple people logged into your site from the same IP address using different accounts. Link to comment Share on other sites More sharing options...
justsomeguy Posted January 10, 2007 Share Posted January 10, 2007 They also might be using a proxy server that would send a different IP with every request. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now