[Full-disclosure] RE: Session data pollution vulnerabilities in web applications

2006-01-16 Thread Keenan Smith
Since a session has to be initialized (session_start or session_register) before it can be used, another approach could be to initialize a session only after a successful login. All other values are stored and accessed in and from _request variables. That way, nothing would be stored across

[Full-disclosure] RE: Security issue in Microsoft Outlook

2005-05-23 Thread Keenan Smith
I was not able to duplicate this. Typing over the existing URL replaced both the displayed and link text. Could anyone else duplicate?

Keenan

-Original Message-
From: Bakchodiya [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 18, 2005 4:28 PM
To: bugtraq@securityfocus.com
Cc: