Check if session IP matches current IP - PHP

Question

So I am checking an session IP against the current session. I have had a look at the the questions that may have my answer and none of them do.

What happens is that everytime I connect, I get 'Your IP doesn't match...'

<?php
if (isset($_SESSION['ip']) and (strcmp($_SESSION['ip'], md5($_SERVER['REMOTE_ADDR'])))){
    echo "Your IP doesn't match your session, your IP: ". $_SERVER['REMOTE_ADDR'] ." and your session IP: ". $_SESSION['ip']. ". <a href='/scripts/signout.php'>Click here to log out.</a>";
    die;
}
?>

I know to use HTTPX and will implement that after I fix this. Also $_SESSION['ip'] is the md5(Current IP)

Answer 1

you are comparing session ip and md5 of ip address, so probably you need:

<?php
if (isset($_SESSION['ip']) and ((strcmp($_SESSION['ip'], $_SERVER['REMOTE_ADDR']) !== false))){
    echo "Your IP doesn't match your session, your IP: ". $_SERVER['REMOTE_ADDR'] ." and your session IP: ". $_SESSION['ip']. ". <a href='/scripts/signout.php'>Click here to log out.</a>";
    die;
}
?>

Answer 2

strcmp returns 0 if the strings match, and in php that will equal false, also you don't need the md5 call really.

<?php
if (isset($_SESSION['ip']) && strcmp($_SESSION['ip'], $_SERVER['REMOTE_ADDR']) !== 0){
    echo "Your IP doesn't match your session, your IP: ". $_SERVER['REMOTE_ADDR'] ." and your session IP: ". $_SESSION['ip']. ". <a href='/scripts/signout.php'>Click here to log out.</a>";
    die;
}
//or you can just go 

if(isset($_SESSION['ip']) && $_SESSION['ip'] !== $_SERVER['REMOTE_ADDR']) {
/// stuff
}

Check if session IP matches current IP - PHP

Question

2 answers

solution1
1 ACCPTED 2013-10-12 11:56:15

solution2
1 2013-10-12 11:58:48

Check if session IP matches current IP - PHP

Question

2 answers

solution1 1 ACCPTED 2013-10-12 11:56:15

solution2 1 2013-10-12 11:58:48

solution1
1 ACCPTED 2013-10-12 11:56:15

solution2
1 2013-10-12 11:58:48