RE: [Phplib-users] store the IP in the session
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
RE: [Phplib-users] store the IP in the session
|
From: Rob H. <rob...@ws...> - 2002-12-07 15:06:29
|
Correct, with a major exception. There is no reason why a session could not be transformed from one mode to another. The mode would just have to be stored in auth. Then a page_open would know how to restore the session, and a function such as auth->change_mode would make the change. The list simply specifies the ones you want to allow, and auth would pick the most secure that works. If you want to force a mode change, then no problem as long as it is one of the ones that you support. Rob Hutton Web Safe www.wsafe.com ********************************************************************** Introducing Symantec Client Security - Integrated Anti-Virus, Firewall, and Intrusion Detection for the Client. Learn more: http://enterprisesecurity.symantec.com/symes238.cfm?JID=2&PID=11624271 > -----Original Message----- > From: Giancarlo [mailto:gia...@na...] > Sent: Friday, December 06, 2002 9:18 PM > To: rob...@ws... > Subject: Re: [Phplib-users] store the IP in the session > > > > $fallback_mode) because this would allow new modes to be added and a > > preference list built ($mode = array("cert", "cookie")) where cert is an > > Ok, then in that case you'd certainly want to be able to apply 'cert' > only froim a certain moment on, so be able to migrate your session and > user data from the previous type of session into this new one. And not > impose one choise at the start. > And you'd never let a 'cert' session to downgrade to 'cookie' while > maintaining the same privileges. OTH. > > Gian > > > > > > > > > > > > > > |
