is there a better method of getting / keeping a user logged in other than cookies or session variables ?
Printable View
is there a better method of getting / keeping a user logged in other than cookies or session variables ?
You could store the IP address of the requesting user so you know who they are. It might work but i'd stick to sessions personally
From php.net
Quote:
andreyhristov at yahoo.com
12-Sep-2000 02:19
In reply to [email protected]:
When you use REMOTE_ADDR for getting the IP of the current user,
sometimes you get the IP of the ISP Cache server.
When this happens, the HTTP_X_FORWARDED_FOR is also set, it
contains the IP of the user.
So with this script, you always get the right IP:
<PRE>
if (getenv(HTTP_X_FORWARDED_FOR)){
$ip=getenv(HTTP_X_FORWARDED_FOR);
}
else {
$ip=getenv(REMOTE_ADDR);
}
</PRE>
And also:
Note that the X-Forwarded for header might contain multiple addresses,
comma separated, if the request was forwarded through multiple proxies.
Finally, note that any user can add an X-Forwarded-For header themselves.
The header is only good for traceback information, never for
authentication. If you use it for traceback, just log the entire
X-Forwarded-For header, along with the REMOTE_ADDR.
This text is written by :
[email protected] (before "And also:" and
[email protected] all other.
--
Editor's Note: We cannot trust HTTP_X_FORWARDED_FOR
yeh, ok. i suppose i'm not really doing anything extremely, important, sessions will have to do for now hey ;)Quote:
Originally posted by chrisjk
You could store the IP address of the requesting user so you know who they are. It might work but i'd stick to sessions personally
From php.net
thanx chrisjk
****, just reading thi again confuses me, there's a PHP.NET ??? :D sweet, didnt know it existed. gotta check this out :D
ummmm, sorry, i'm stupid :rolleyes: i just realised :( oh well, what am i talking about, i hate microsoft anyway.
btw. sorry for the *ahem* small amount of spamming.
:D you didn't know there was a php.net? where did you get your php from????Quote:
Originally posted by ubunreal69
****, just reading thi again confuses me, there's a PHP.NET ??? :D sweet, didnt know it existed. gotta check this out :D
:p
lol, no, no, i meant as in like ASP.NET & VB.NET now u see how stupid it was ? :D
yup, it is best to leave this one alone :p