Differentiate users with cookies, rather than IP addresses
Dan Atkinson commented
I work in an office and when I sent your link around, it started picking up the last information from the last request (eg postcode, city et al).
It seems that you're using an IP-based session, which I suppose is alright, except when you work in an office where the traffic all points from one IP, or you just have a dynamic IP like most ISP customers have.
It would be nice if you could create sessions using the standard HTTP cookie system, rather than the nifty (but slightly problematic) way you have now.