0
I am creating a PHP application for login authentication:
$phpsessid = 'SID: ".SID."<br>session_id(): ".session_id()."<br>COOKIE: ".$_COOKIE["PHPSESSID"]';
file_put_contents("$ip","$phpsessid");
$m = "localhost/'.$ip.'";
$res = file_get_contents("$m");
$title=@$this->stribet($res,'SID:','<br>');
}
the $phpsessid will contain the data, time, IP, logged in account, time, etc.
How do I check an IP at login time? For example:
IP=>Conta=>PHPSESSID
1
Using proxy server, the IP you will get will be the proxy server and not the actual IP address of the user. Example:
$ip = $_SERVER['REMOTE_ADDR'];
But fortunately we can make an additional refinement for more accurate results. Proxy servers bring in the HTTP header a property that stores the original IP. Example:
echo "Remote addr: " .$_SERVER['REMOTE_ADDR'] . "<br/>";
echo "X Forward: " . $_SERVER['HTTP_X_FORWARDED_FOR'] . "<br/>";
echo "Clien IP: " . $_SERVER['HTTP_CLIENT_IP'] . "<br/>";
At login time a comparison of the user with the IP is made.
Browser other questions tagged php auth
You are not signed in. Login or sign up in order to post.
Just be careful 'cause
curl -H "HTTP_X_FORWARDED_FOR: '; DROP TABLE logins; --".– Gustavo Rodrigues