RE: [Phplib-users] cookie stealing
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
RE: [Phplib-users] cookie stealing
|
From: Brian P. <bp...@ct...> - 2001-11-01 23:09:02
|
An MD5 of the ethernet card hardware address would work well, but I'm not sure if it's obtainable through PHP? IP address would be an alternative, but would be fairly easy for someone to obtain for a given user, especially if you display it on the site somewhere (next to posts, for example). -----Original Message----- From: order through chaos [mailto:ke...@go...] Sent: Thursday, November 01, 2001 4:53 PM To: php...@li... Subject: [Phplib-users] cookie stealing hi! did anyone code something that checks other infos beside cookies to check session validity? (like az ip, and an md5 of some client info for eg.) coz anyone stealing the cookie could be logged in, so it's no matter if you send the password in md5 or not.. :P anyone? keo -- don't believe everything you think. _______________________________________________ Phplib-users mailing list Php...@li... https://lists.sourceforge.net/lists/listinfo/phplib-users |
