You can also validate the IP of the user for the session. Since many people are still on dialup, they do not have a static IP and therefore its of little value to store...but it should remain the same for the session.
IP addresses are pretty much worthless unless you're on an intranet where you can control them.
Thats why I said CAN, since it is unreliable
That's why I said ARE, since I drive a Dodge.
---John Holmes...
-- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
