jordanwb Posted August 24, 2008 Share Posted August 24, 2008 On my script that I'm working, I use mt_rand to generate a session id, as well as the user's id as basis for a valid session (I don't use mt_rand for the user id). When the user logs in, a random number and the user's id is saved to a table and is sent as a cookie. So what I'd like to know is: Would recording the user's IP address benefit security? I think that it would in that is could help prevent Man in the Middle attacks, but I'd like your input. Link to comment https://forums.phpfreaks.com/topic/121099-logging-the-ip-address-for-security-in-session-managers/ Share on other sites More sharing options...
DeanWhitehouse Posted August 24, 2008 Share Posted August 24, 2008 Erm ,just a side note I use mt_rand to generate a session id Why not just use the session_id();?? Link to comment https://forums.phpfreaks.com/topic/121099-logging-the-ip-address-for-security-in-session-managers/#findComment-624505 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.