Il 00:13, luned́ 19 agosto 2002, hai scritto: > > Il 23:54, domenica 18 agosto 2002, Rasmus Lerdorf ha scritto: > > > Hrm.. Wait a second though, Giancarlo is saying that if the user > > > passes in a session id himself and that session does not exist, then > > > that will be the session id he will be given if a session is created on > > > that request. Is that correct, Giancarlo? > > > > Well, yor browser has to be 'virgin' with regards to that cookie. > > You musn't have received one already. to be an available victim > > Even if you haven't received a cookie already, I don't think you can set > the session id the way you describe. Can you get PHP to create > /tmp/sess_123 given my example? >
Yes, I do [root@pong tmp]# ls -l sess* -rw------- 1 nobody 4294967295 12 Aug 19 00:31 sess_123 it contains: a|s:3:"Foo"; Giancarlo -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, visit: http://www.php.net/unsub.php