I want to block out people from getting into an admin area. I would like to do this by using ip addresses and ranges. I wrote the following code and it works, but I just want to make sure its done correctly (or if there is a better way maybe).
I'm not sure just how secure it is though.... $_SERVER['REMOTE_ADDR'] can be tainted quite easily I reckon so I'd bear that in mind. timvw has a snippet written in the code snippets forum here I believe which makes a fingerprint of the client based upon a number of factors which may be of interest I'd really have password restriction in place myself though.