jordanwb Posted August 24, 2008 Share Posted August 24, 2008 On my script that I'm working, I use mt_rand to generate a session id, as well as the user's id as basis for a valid session (I don't use mt_rand for the user id). When the user logs in, a random number and the user's id is saved to a table and is sent as a cookie. So what I'd like to know is: Would recording the user's IP address benefit security? I think that it would in that is could help prevent Man in the Middle attacks, but I'd like your input. Quote Link to comment https://forums.phpfreaks.com/topic/121099-logging-the-ip-address-for-security-in-session-managers/ Share on other sites More sharing options...
DeanWhitehouse Posted August 24, 2008 Share Posted August 24, 2008 Erm ,just a side note I use mt_rand to generate a session id Why not just use the session_id();?? Quote Link to comment https://forums.phpfreaks.com/topic/121099-logging-the-ip-address-for-security-in-session-managers/#findComment-624505 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.