Richard Lynch wrote:
On Mon, May 1, 2006 7:13 am, Ryan A wrote:


...

You *CANNOT* assume IP address has *ANYTHING* to do with what user is
there!

IP address is USELESS for identification/authentication of users in an
HTTP environment.

with one caveat (I standing by to be shot down ;-):

when the IP is my own and I redirect everything else (everyone not coming from 
my office's
static IP for instance) to some other file/site/whatever then I can pretty sure 
thats
going to work right? - granted it's not impossible for some to screw router 
tables
and spoof IP addresses but which ever genius manages to do all that to is going 
to
be mightly disappointed by what I'm 'hiding' :-) - besides I'm not armed against
crackers of that caliber - if someones Fu is that good I'm ****ed whatever I do
(I have always assumed that there is always a way to hack a system if the person
on the other end is good enough)

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to