Hi,
I am using php/mysql.
I need to find a way to make sure that the user is accessing the site from the pc from which they registered. How do i achieve this ?
Thanks.
| SitePoint Sponsor |
Urgent Help regarding security
Hi,
I am using php/mysql.
I need to find a way to make sure that the user is accessing the site from the pc from which they registered. How do i achieve this ?
Thanks.
How do you want to track the PC? By IP address?
No! IP gets changed etc. for some users (as their isp does not provides static IP's) so this option is No!Originally Posted by EJohnson72
I need some full proof way like detecting hardware or something like that or get MAC address of the lan card etc. ? But the thing is how to get the MAC address using php ?
Thanks.
The simple method of doing this. Forget it, not possible with PHP at all.
In any case such a limitation would annoy users more then anything.
Hoo boy. This is what happens when people start doing web programming without understanding how the web works.
the short answer is you can't..
And besides... MAC address can be changed (sometimes even easier) just as IP address.
Yeah, drop the idea of tracking such matters.
Cookie is only the way by which server can access the client pc.
But, cookie will also not helpful for your requirement.
This would be possible ( but not easy ) if you were on a private network, however, trying to do this over the internet is impossible I'm afraid without some sort of client side application.
Hi,
I can use a client side application but please suggest the method to use it. I mean how can i use client side application in conjunction with php in order to restrict access ?
Thakns.
even a client application won't guarantee that the use is using the same PC they registered with. any software can be fooled to think it's on a particular piece of hardware.
what is the purpose of this requirement?
Check out our new Industry News forum!
Keep up-to-date with the latest SP news in the Community Crier
I edit the SitePoint Podcast
Hi,
The purpose is that user should be on same system from which they registered. If its another pc they have to register a new account. Its kinda complicated. I already knew that it was'nt possible but I thought that I should double check just in case if its possible, you never know!
Thanks.
But why is the world would you do such a thing?
There is no security enhancement doing that.
It will only annoy your users.
This is not about user. Users will be taught to work in that type of enviornment. Its for security. You cannot tell a bank that they should not put a big vault coz the robber will get annoyed.
Hope you get my point. Its not about the user coz very few people will access the site (its kinda private) so the level of security must be maintained.
Thanks
Use a strong authentication system then with strong passwords. The point of having a web application or anything on the web is so it can be accessed anywhere from any computer that is on the same network. This same principle applies to the internet and the intranet of applications.
Restricting to a single computer reduces te usefulness of a web application without offering anything in return. There security you think you would get is debatable. With the right knowledge and tools it can be broken.
Hi,
Yes i know but my client does'nt knows anything about all the techie talk and is just keeps on saying that they should not be able to access. Anyways thanks for all the help. Now atleast i am 100% sure that its not doable and no one else would be able to offer so I am in safe zone!
Thanks.
Posting Permissions
Bookmarks