registered globals off ? > Hi, > We have a site that runs a kind of membership section. > When a person logs in we have his username + 3 variables in session, > the 3 variables are used for background processing and are never > disclosed to the client, all 3 variables contain 1 or 2 digit numbers. > > Somehow 1 person has found out about them and is creating havoc with > that damn account by changing those variables to differient > numbers...any idea how he is doing that? We can ask him to stop but > that does not solve the problem.... how can we stop him by making > changes on our server or what to do? > > Please HEAAAAAALP (help) > > Cheers, > -Ryan > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php