From: <[EMAIL PROTECTED]> > Didn't know this was the army :-)
Yeah, I signed you up last week. You report to basic training in November. I hope you're ready! :) > first unless you got your variable ordering (POST, GET, Env, Sesssion > etc). the values in the session can be easily overridden with a simple > old query string. Sure would hate to have my username and password > passed along to each page. remember that when you are using cookies the > data actually get's transferred between the client and the server. By default, sessions are made global last, so the session value would overwrite anything passed. But, yes, you're right that if some idiot changed the order around (why?) then it could present a security problem. Thanks for the explanation (just checking!) :) ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
