> > Do you null the user if the IP changes? IPs can change
> > during a user's
> > session, so I wouldn't base the validity of the session
> > solely based on IP.
> When that happens a user has to relogin. No data will be lost.
Relogin? Huh, I'd never visit a site where I have to login on every
twice click.
For some reason our company share 5 ip adresses for it's employees
with NAT. We don't ever know what is our *current* request's ip, it's
always changes by chance. It could be that I use one ip while I'm
visiting a site (it's not likely), but it could be that my 5 requests
get to the site sitting on 5 different ips.
So I don't recommend using the visitors ip address for anything.
Arpi
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
