[OWASP_PHPSEC] Session Management Library : Adding location of sessions

Abbas Naderi abiusx at owasp.org
Tue Sep 10 13:17:52 UTC 2013


It isn't a mandatory session function, and make the system very slow. The better idea is to have it as a plug-able system that works asynchronously.
-A
______________________________________________________________
Notice: This message is digitally signed, its source and integrity are verifiable.
If you mail client does not support S/MIME verification, it will display a file (smime.p7s), which includes the X.509 certificate and the signature body.  Read more at Certified E-Mail with Comodo and Thunderbird in AbiusX.com

On Sep 10, 2013, at 12:08 AM, Shivam Dixit <shivamd001 at gmail.com> wrote:

> Hi again !
> 
> For adding location corresponding to each session, I have created following blueprint :
> 
> 1) Creating a column LOCATION in "SESSION" table.
> 2) Choosing from one of the free APIs available for IP lookup. Some of the examples are : ipinfodb (http://ipinfodb.com/ip_location_api.php) , freegeoip (http://freegeoip.net)
> 3) In function newSession making an API call to service chosen in step 2) and fetching data in JSON format.
> 4) Extract Country, State level information from the result.
> 5) Add one more column in "Insert Into session" SQL Query.
> 
> Is the above implementation correct? Or you have some other ideas? Which API service should we use for IP to location look up? 
> 
> -- 
> Cheers,
> Shivam
> _______________________________________________
> OWASP_PHP_Security_Project mailing list
> OWASP_PHP_Security_Project at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp_php_security_project

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp_php_security_project/attachments/20130910/9389e889/attachment-0001.html>


More information about the OWASP_PHP_Security_Project mailing list