> Saving session by ip ... what if $_SERVER['REMOTE_ADDR'] is not set ?
====
That value should always be set.
If there is a proxy between the client and the server it will be the
proxy server IP address and maybe set up
in the HTTP header as X-Forwarded-For.
> Anyway... as I mentioned my main question isn't about storing
> sessions, but getting a best practice for the pagination of search-
> results with flood-protection!? :-)
> So you both think that storing search results in the session is a good
> idea?
> I thought it would be odd and may give a better way?
====
My suggestion in this case is to use the difference between GET/POST.
When someone makes a search request than it should be with a POST.
For pagination use GET with URL parameters to switch between pages.
You will limit the access based on the type of request made.
I would keep in session (or the URL) the filter used and not the
actual results.
gabriel
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
