[nycphp-talk] Experts help needed (Sessions)
Joseph Crawford
codebowl at gmail.com
Wed Aug 3 08:34:54 EDT 2005
Rolan,
I have been trying to think of a method to use that wouldnt rely on the IP
at all, however i cant base it on the user agent because how many people use
IE and or FireFox? I cannot base it on the session id as that is what i am
detecting someone hijacked and then i destroy the session. What else could i
check? I guess i could use some javascript on the main page to grab some odd
info from the user maybe something about thier hardware but i am not sure
how that would go. I am sure Amazon, etc.. dont do that but yet they still
secure thier sessions..... How?
--
Joseph Crawford Jr.
Codebowl Solutions, Inc.
1-802-671-2021
codebowl at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20050803/6f57ff01/attachment.html>
More information about the talk
mailing list