On Fri, 4 Jun 2010, comb wrote: > If I use the users-session like setting a var "is_new_search" , I will > be afraid of someone who manually sets this var in his cookie to > FALSE.
Depends how you store session data. Ive used MySQLSessionStorage in the past (the cookie just stores hash used as key into session data table). -- -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
