Welcome Guest, Not a member yet? Register   Sign In
Getting user's IP address: input vs session methods
#11

[eluser]leighmarble[/eluser]
[quote author="InsiteFX" date="1394191258"]Oh and like the input class is not load. It is load on start up.[/quote]

Not helpful, dude. Yes, as was mentioned above, the Input class is autoloaded on start up.

[quote author="InsiteFX" date="1394191258"]So either way a class is being loaded.[/quote]

If you want to split hairs, no. If you use the Input class, then a class is being loaded. If you use the Session class, then two classes are being loaded.
#12

[eluser]leighmarble[/eluser]
[quote author="Massaki" date="1394204036"]I think the best way is using $this->input->ip_address(), because if you reutilize the method in another program, and the session library is not loaded (not needed), you won't get it.[/quote]

Yes, definitely. Another solid argument in favor of using the Input class to fetch a user's ip address.
#13

[eluser]leighmarble[/eluser]
[quote author="boltsabre" date="1394204389"]The only time I guess you wouldn't use input is when you want to ensure you have a legitimate session. You mentioned that going via the session way checks that the ip addresses match, and if they don't the session is being killed.

So yeah, if you are doing something where ensuring you have a legitimate session running is important then use session, else use input.[/quote]

Yes, that's true that the Session class will destroy a session if the new ip address doesn't match the old one (that is, as long as you have the config variable sess_match_ip = TRUE). Although, in that case, it wouldn't actually make sense to pull the ip_address from the session to check it yourself, because what would you check it against? It would already be a new session (because the Session class would have killed the old one), so the ip address that you would get from the Session class and the Input class would once again match.

So, if you're talking about verifying a legitimate session, like maintaining a user's logged-in status or something like that, you'd want to check against a custom bit of userdata that would get set on login, using
Code:
$this->session->set_userdata('user_logged_in', 'TRUE');

And if the ip address changed during the lifetime of the session, that session would get destroyed, so the custom userdata would be lost at that point, automatically logging out the user.




Theme © iAndrew 2016 - Forum software by © MyBB