Welcome to WebmasterWorld Guest from 54.166.178.177

Forum Moderators: coopster & jatar k

Message Too Old, No Replies

HTTP USER AGENT problem

impermanent HTTP_USER_AGENT, changes on each click

     
10:46 am on Jan 8, 2011 (gmt 0)

5+ Year Member



Hello,

I use HTTP_USER_AGENT information in session validation something like that

===============

$agent = getenv('HTTP_USER_AGENT');
$_SESSION['o']=md5($agent);
......

$agentnow = getenv('HTTP_USER_AGENT');
$agentnow=md5($agentnow);

if ($_SESSION['o'] != $agentnow) {
logout();
}


There are no problem with it. It works for all users but today I got a support request from one user that he can login but on the next click he is being logged out.

So, how is it possible that his HTTP_USER_AGENT information changes on each click?

Thanks.
2:41 pm on Jan 10, 2011 (gmt 0)

10+ Year Member



Does he accept cookies?
6:04 pm on Jan 10, 2011 (gmt 0)

5+ Year Member



I don't know. I will check.
7:14 pm on Jan 10, 2011 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member



Hi all,

Whether I am reading this issue wrong or not, not sure, but a quick google reveals this [bugs.php.net].

You could use an alternative way to do login's and credential checks, I personally have never used getenv() before, but that's not to say it doesn't function, it could be to do with the way as the server is setup, which version of php is running and the OS too..

Simple way to check cookies would be to try and set one, and if the call returns false you can display a message asking the user to enable cookies, that's kinda how it's done on here when you first login, check, ok, set, continue.

A few options open to you..

Hope that makes sense.

Cheers,
MRb
 

Featured Threads

Hot Threads This Week

Hot Threads This Month