i have a login page where in login.php i have:
Code: Select all
<?php
$_SESSION['ip'] = $_POST['ip'];
?>Code: Select all
<?php
$new_ip = getenv("REMOTE_ADDR");
if($_SESSION['ip'] != $new_ip)
{
die ("Not logged in");
}
?>So for this I have the following function:
Code: Select all
<?php
function getIP() {
$ip;
if (getenv("HTTP_CLIENT_IP")) $ip = getenv("HTTP_CLIENT_IP");
else if(getenv("HTTP_X_FORWARDED_FOR")) $ip = getenv("HTTP_X_FORWARDED_FOR");
else if(getenv("REMOTE_ADDR")) $ip = getenv("REMOTE_ADDR");
else $ip = "UNKNOWN";
return $ip;
}
?>How can I check now in auth.php if $_SESSION['ip'] is the same with the ip provided by the function?
thx