--- Scott Fletcher <[EMAIL PROTECTED]> wrote:
> > At some point, the user is going to have to be responsible for his/her
> > own actions. After all, I can log into my bank's Web site and then let
> > someone else use my computer, and there's no way my bank can prevent
> > it.
>
> Sure the bank can
[PHP] session issues for unauthorized access?
>>At some point, the user is going to have to be responsible for his/her own
>>actions. After all, I can log into my bank's Web site and then let someone
>>else use my computer, and there's no way my bank can prevent it.
Sure the
>>At some point, the user is going to have to be responsible for his/her own
>>actions. After all, I can log into my bank's Web site and then let someone
>>else use my computer, and there's no way my bank can prevent it.
Sure the bank can prevent it or otherwise my bank would never use the
website
Scott,
I suspect you will gets lot's of input on this one. There is a fairly
glaring hack that allows users to override your session variables (if you
rely on the feature of PHP that automatically adds session variables, as
well as get and post variables, to the global pool [register_globals, I
t
--- Scott Fletcher <[EMAIL PROTECTED]> wrote:
> Is there a really good way to use PHP Session to tell whenether the
> user is authorized user or not?
Yes, there are many good ways, and I'm sure I'm not even aware of many of
them.
> I see one problem here, let's say the user tried to access certai
5 matches
Mail list logo
