Original -
I am writing a script that relies on retrieving the $ENV{REMOTE_ADDR} from
the user's browser. I'm depending on this for database information retrieval
rather than cookies or some type of javascripting since one cannot depend on
a user having either cookies or javascripting enabled in his browser. I've
run across an issue with an AOL user and am curious if this is a universal
problem with the AOL browser or just this person's particular browser
configurations. My script is handing the user off to a VeriSign secure
server. Sometime between when the user is handed off to the VeriSign server
and he is returned to my unsecured server, his IP address changes. Has
anyone encountered this? If so, what solution can you suggest.
Bob Showalter Replied -
You can't use REMOTE_ADDR for this purpose. His IP is being dynamically
assigned from a pool that any number of users will share over time. If you
don't want to use cookies (easiest approach, IMO), you can use a session ID
in your URL's. Javascript is necessary in either case.
My Reply -
The problem is manifest when I give up control of the user's browser to a
secure VeriSign server. I cannot use a session ID in the URL since the
VeriSign server redirects to a specific URL and I cannot specify a dynamic
value for the URL. I would like to do this with cookies, but as I stated
before, I cannot be dependent on the user's allowing cookies to be planted
in his browser. Way too much paranoia out there.
I can figure a way to react to a changed IP, but my curiosity runs more
toward why this AOL browser is switching IPs during a session. I could
understand if the user were to disconnect then reconnect his internet, but
this is just a change of web pages basically. Perhaps this is just another
reason to avoid using AOL, but I'd like to discover a reason for this
seemingly arbitrary behavior.
Peace in Christ -
Ron Goral
[EMAIL PROTECTED]
