Hi, We have a site that runs a kind of membership section. When a person logs in we have his username + 3 variables in session, the 3 variables are used for background processing and are never disclosed to the client, all 3 variables contain 1 or 2 digit numbers.
Somehow 1 person has found out about them and is creating havoc with that damn account by changing those variables to differient numbers...any idea how he is doing that? We can ask him to stop but that does not solve the problem.... how can we stop him by making changes on our server or what to do? Please HEAAAAAALP (help) Cheers, -Ryan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
