Mega Code Archive
Checking for session hijacking
<![CDATA[
<?php
session_start( );
$user_check = md5($_SERVER['HTTP_USER_AGENT'] . $_SERVER['REMOTE_ADDR']);
if (empty($_SESSION['user_data'])) {
session_regenerate_id( );
echo ("New session, saving user_check.");
$_SESSION['user_data'] = $user_check;
}
if (strcmp($_SESSION['user_data'], $user_check) !== 0) {
session_regenerate_id( );
echo ("Warning, you must reenter your session.");
$_SESSION = array( );
$_SESSION['user_data'] = $user_check;
}
else {
echo ("Connection verified!");
}
?>
]]>