variables that identify a user

Ask about general coding issues or problems here.

Moderators: macek, egami, gesf

DoppyNL

variables that identify a user

Postby DoppyNL » Mon Sep 30, 2002 1:20 am

What variables can I use to identify a specific user??
I got a little problem with session-hi-jacking.
a link with the session id got spread out among some users wich lead to them all being logged in with the same username :S

I want to try to prevent this by checking some user-variables with stored user-variables.

so far I use
$_SERVER['HTTP_USER_AGENT']
$_SERVER['REMOTE_ADDR']
are there more variables I can use to determine if a session (possibly) got hi-jacked??

Jay

Postby Jay » Mon Sep 30, 2002 5:40 am

Use cookies?

DoppyNL

Postby DoppyNL » Mon Sep 30, 2002 5:48 am

hehe, I know.

I only check this when the user doesn't accept cookies.
But I want user that don't accept cookies to be able to use the site normally. So I have to transfer the session id (when no cookie is accepted) from page to page through the url.

I got it working now, I only need to know if there are more variables than the 2 mentioned above to check if a session was hi-jacked.

Greetz Daan


Return to “PHP coding => General”

Who is online

Users browsing this forum: Yahoo [Bot] and 2 guests

cron