PHP Developers Network

A community of PHP developers offering assistance, advice, discussion, and friendship.
 
Loading
It is currently Fri May 25, 2018 3:24 pm

All times are UTC - 5 hours




Post new topic Reply to topic  [ 7 posts ] 
Author Message
 Post subject: IP based authentication.
PostPosted: Fri Feb 20, 2004 6:52 am 
Offline
Forum Contributor
User avatar

Joined: Fri May 30, 2003 4:36 pm
Posts: 300
Location: 53.23N-6.57E
Syntax: [ Download ] [ Hide ]
<?php

   //check ip and decide who is admin.



   $ip_visit = getenv("REMOTE_ADDR");





   $ip_array[] = "127.0.0.1";

   $ip_array[] = "192.168.1.1";

   $ip_array[] = "192.168.1.2";



   foreach ($ip_array as $ip_adm)

   {

      if (preg_match("/$ip_visit/","$ip_adm"))



      {

         $is_admin = "1";

         session_register(is_admin);

      }

   }



?>


Top
 Profile  
 
 Post subject:
PostPosted: Fri Feb 20, 2004 11:37 am 
Offline
DevNet Master

Joined: Thu Jan 30, 2003 9:26 pm
Posts: 2893
Location: Glasgow, Scotland
Unfortunately you can't use IP for authentication.

(1) dynamic IPs (and AOL users might change IP within the same session)
(2) NATs
(3) IP spoofing


Top
 Profile  
 
 Post subject:
PostPosted: Fri Feb 20, 2004 12:00 pm 
Offline
Admin
User avatar

Joined: Wed Aug 13, 2003 7:02 am
Posts: 4522
Location: York, UK
Might be okay for an Intranet though?! Certain machines have access to certain pages.

Mark


Top
 Profile  
 
 Post subject:
PostPosted: Fri Feb 20, 2004 12:28 pm 
Offline
DevNet Master

Joined: Thu Jan 30, 2003 9:26 pm
Posts: 2893
Location: Glasgow, Scotland
Yes - wasn't thinking about intranets.


Top
 Profile  
 
 Post subject:
PostPosted: Fri Feb 27, 2004 9:58 am 
Offline
Forum Newbie
User avatar

Joined: Fri Feb 27, 2004 9:58 am
Posts: 1
Location: Middle East - Jordan
hi folks
Well, I think it could be a great implementation to avoid session hijacking.


Top
 Profile  
 
 Post subject:
PostPosted: Fri Feb 27, 2004 12:07 pm 
Offline
Moderator
User avatar

Joined: Mon Nov 03, 2003 7:13 pm
Posts: 5978
Location: Odessa, Ukraine
simplified version:
Syntax: [ Download ] [ Hide ]
$_allowed=array(

 "127.0.0.1",

 "192.168.1.1",

 "192.168.1.2"

);



if(in_array($_SERVER["REMOTE_ADDR"],$_allowed))

  $_SESSION["is_admin"]=true;


Top
 Profile  
 
 Post subject:
PostPosted: Fri Feb 27, 2004 12:34 pm 
Offline
Forum Contributor
User avatar

Joined: Fri May 30, 2003 4:36 pm
Posts: 300
Location: 53.23N-6.57E
[quote="Weirdan"]simplified version:[/quote]

Better :)


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 7 posts ] 

All times are UTC - 5 hours


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group