While I like that your patch can be turned on and off in the INI, this sounds much more like an application-level problem, and thus should be implemented at the application level.

MHO.

S

inodes wrote:
I agree with all your arguments: the IP-based solution IS NOT perfect.

It is not generic enough to be implemented in a world-wide application, but it
can be useful for intranets or extranets. That's to say, cases when you know
the infrastructure used by the clients to connect to your server supports
this strategy.

My goal is to minimize the risks for now, since I don't know yet what the
perfect solution could be.

Other tests could be made:
- on the browser headers
- on IP ranges rather than on the single client IP address
- and so on...

Jerome


-- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php