Richard Lynch wrote:
On Mon, May 1, 2006 7:13 am, Ryan A wrote:
...
You *CANNOT* assume IP address has *ANYTHING* to do with what user is there! IP address is USELESS for identification/authentication of users in an HTTP environment.
with one caveat (I standing by to be shot down ;-): when the IP is my own and I redirect everything else (everyone not coming from my office's static IP for instance) to some other file/site/whatever then I can pretty sure thats going to work right? - granted it's not impossible for some to screw router tables and spoof IP addresses but which ever genius manages to do all that to is going to be mightly disappointed by what I'm 'hiding' :-) - besides I'm not armed against crackers of that caliber - if someones Fu is that good I'm ****ed whatever I do (I have always assumed that there is always a way to hack a system if the person on the other end is good enough) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
