jekillen schreef:
Hello again;
I am developing an application that uses php with Apache.
A user requests a script file from a web site and the server
takes such things as $_SERVER['REMOTE_ADDRESS']
$_SERVER['REMOTE_ADDRESS'] is a pretty useless value for the
age old reason that, for instance, AOL users may very wellhave
their IP address changed every other request (STW or STA for more
on this)
and uses php's time() function to record the time in utc
time() only returns UTC (aka GMT) if your server's timezone is UTC.
am I mistaken? if not check: gmmktime()
code (which would be the server's system time)
and other bits of info and saves it in a php script file on
the server.
is a file really the best place? if not the session then a database
is probably still a better idea.
The script is a login script. When the user successfully
logs in. Javascript is used to send the client time and
time zone offset. These are written to this file also. To
track the user for statistical and authorization reasons
this file is used to authenticate each user request and
track usage.
What I do not understand perfectly at the moment,
and I have to learn somewhere sometime, is the
figures that are recorded.
I know, I could use php's built in session handling but
I have special reasons for doing it this way.
These are the values I am recording: (a sample php script file)
$sid = '96f120f9dcf293e64e6dcbd16024491e'; // this is a session id
$da = '1200867964'; // this is
the value generated by the time() function
$hid = '2c9a46c1a5d89469481951065cc6a621';// another session id
2 session ids for the same set of data?
$ctzo = '480'; //
This is time zone offset according to what javascript sends
$ctzn = '1200868142247'; // This is the
client time according to javascript, which is supposed
there is no saying what exactly these values are without seeing
the javascript code that generates them. let us have a look.
now for the juicy bit - you have *no* garantee that the system clock and/or
the timezone setting on the client machine is anything like correct. actually
the chances that it is not are quite high - disregarding idiots, just think of
people who have to screw their clock/TZ to accomodate some other application and
more likely, people on the road, using laptops ... I don't bother to change my
TZ or clock just because I went to see a friend somewhere far away from home .. do you?
// to be in milliseconds
The specific questions are
what does the offset '480' mean? (add or subtract from utc/GMT to get
local time?)
I am in Pacific Standard Time testing this script. The server is also at
the same location.
The javascript time value should be the original request time plus the
time it takes
for a successful login to be processed:
The user types in the info and clicks the form button
the client pre submission script is run
then the server receives and processes
$_POST values and decides if the user has sent a valid id.
you might try explaining what it is that you are trying to achieve rather than
the mechanism your currently trying to employ - someone might have a better approach
Javascript time value is specified as milliseconds.
millisecond is 1/1000 of a second, right?
and dividing the value by 1000 would give seconds elapsed
from Jan 1 1970(?)
thank you in advance;
Jeff k
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
