Aside from the fact that bad code can obviously make sessions hackable, what does everyone think about the security of sessions?
I rely on them fairly heavily for low-mid range security on some of my scripts, but if I was to do something that involved more sensitive info, are sessions bullet proof? Can someone forge them somehow? Bob Scanned by PeNiCillin http://safe-t-net.pnc.com.au/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php