> > Do you null the user if the IP changes?  IPs can change
> > during a user's
> > session, so I wouldn't base the validity of the session
> > solely based on IP.
> When that happens a user has to relogin. No data will be lost.

Relogin? Huh, I'd never visit a site where I have to login on every 
twice click.
For some reason our company share 5 ip adresses for it's employees 
with NAT. We don't ever know what is our *current* request's ip, it's 
always changes by chance. It could be that I use one ip while I'm 
visiting a site (it's not likely), but it could be that my 5 requests 
get to the site sitting on 5 different ips.
So I don't recommend using the visitors ip address for anything.
        Arpi


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to