08-26-2010, 01:49 PM
(08-26-2010, 09:44 AM)Iarkey Wrote: store the username and some sort of session key that expires every X minutes and only works if the current ip matches last login ip.
Use a cookie.
in the log in block put this
PHP Code:
$x = 3600; // time to expire
setcookie("IP", $_SERVER['REMOTE_ADDR'], time()+$x);
you can check if they match by doing this
PHP Code:
if($_COOKIE['IP'] == $_SERVER['REMOTE_ADDR']){
//do stuff
}else
die();