What variables can I use to identify a specific user??
I got a little problem with session-hi-jacking.
a link with the session id got spread out among some users wich lead to them all being logged in with the same username :S
I want to try to prevent this by checking some user-variables with stored user-variables.
so far I use
$_SERVER['HTTP_USER_AGENT']
$_SERVER['REMOTE_ADDR']
are there more variables I can use to determine if a session (possibly) got hi-jacked??
variables that identify a user
Moderators: egami, macek, gesf
hehe, I know.
I only check this when the user doesn't accept cookies.
But I want user that don't accept cookies to be able to use the site normally. So I have to transfer the session id (when no cookie is accepted) from page to page through the url.
I got it working now, I only need to know if there are more variables than the 2 mentioned above to check if a session was hi-jacked.
Greetz Daan
I only check this when the user doesn't accept cookies.
But I want user that don't accept cookies to be able to use the site normally. So I have to transfer the session id (when no cookie is accepted) from page to page through the url.
I got it working now, I only need to know if there are more variables than the 2 mentioned above to check if a session was hi-jacked.
Greetz Daan