During registration, I save things like username, password(secured), user data from the registration form. What other data is common to save. Is storing the ip address from which the user verified necessary? and how about the ip from which they registered? Is there a security reason to store this data, and is the effort worth collecting and storing all this data?
The IP address could change during a session for legitimate reasons. Other information provided by the HTTP header, such as the User-Agent is trivial to spoof so there is no added security in checking or storing these fields.
That being said I do like ssh and gmail's feature of "The last ip address you use was X".