doing ssl connection is as easy as redirecting your users to use
HTTPS:// rather than HTTP://
sample php code to redirect people from HTTP to HTTPS
if($_SERVER['SERVER_PORT'] == 80) // normal web port
{
echo "<div align=\"center\"><strong> TRANSFERRING CURRENT WEB
CONNECTION TO A SECURE SSL PORT.... PLEASE WAIT
</strong>
</div>";
echo "<meta HTTP-EQUIV=\"refresh\"
content=0;url=\"https://www.yoursite.com/yourpage.php\";>";
exit();
}
On Tue, 21 Sep 2004 10:29:00 -0400, Ryan Sexton <rsexton@fenzig.com> wrote:
> If someone in your Intranet changes their IP, why would you care to
> detect that? They're obviously up to no good! unless of course work
> environment provides constant IP changes. Might I suggest sending an
> encrypted cookie, make that cook provide an identifier matched with the
> current ip, if the ip changes, make a note of the new ip, if the old ip
> makes another request with in a small period of time, ban the new ip.
> There's really no exact science. Good luck and let us know how you
> decide to accomplish your task, i'd be interested in hearing.
>
> -Ryan
>
> On Sep 21, 2004, at 5:01 AM, Bimal Pouldel wrote:
>
> > In one of my project for IntraNet, I am using PHP to identify
> > the client's IP, because, I have availed the access privilleges
> > using the IP.
> >
> > But there is yet a serious problem: if somebody tries to change
> > the IP of his/her computer, how should I detect at the server
> > that the client's IP was not as intended?
> >
> > Here is my simple logic normally:
> >
> > validateIP('download');
> > // A page is protected and the
> > // client's IP requires "download"
> > // previlages available in the database.
> >
> > function validateIP($service)
> > {
> > $ip=$_SERVER['REMOTE_ADDR'];
> > $dbresult=$db->query('SELECT service from SERVICES where
> > ip="'.$ip.'"');
> >
> > $serviceFlag=$db->nextRecord();
> > if($serviceFlag['service']!=1)
> > // kill the page()
> > else
> > // grant access to the page
> > } // validateIP()
> >
> >
> > Now, how should I find the $_SERVER['REMOTE_ADDR'] if it is not
> > comming from the real computer/client?
> >
> > Help me, so that I can kick off the hackers to my intranet.
> >
> > Thanks.
> >
> >
> >
> >
> > =====
> > Bimal Poudel
> > (Information Management)
> > Kathmandu, Nepal
> >
> > http://fakenepal.tripod.com
> >
> >
> >
> > __________________________________
> > Do you Yahoo!?
> > Yahoo! Mail - 50x more storage than other providers!
> > http://promotions.yahoo.com/new_mail
> >
> >
> >
> > PHP Data object relational mapping generator -
> > http://www.meta-language.net/
> > Yahoo! Groups Links
> >
> >
> >
> >
> >
> >
> >
>
>
>
>
>
> PHP Data object relational mapping generator - http://www.meta-language.net/
> Yahoo! Groups Links
>
>
>
>
>
--
==============
Engr. Andrew John P. Young
IT Consultant/RH Technician
"With God Everything IS POSSIBLE"
------------------------ Yahoo! Groups Sponsor --------------------~-->
Make a clean sweep of pop-up ads. Yahoo! Companion Toolbar.
Now with Pop-Up Blocker. Get it for free!
http://us.click.yahoo.com/L5YrjA/eSIIAA/yQLSAA/saFolB/TM
--------------------------------------------------------------------~->
PHP Data object relational mapping generator - http://www.meta-language.net/
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/php-objects/
<*> To unsubscribe from this group, send an email to:
php-objects-unsubscribe@yahoogroups.com
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
