Is there any real way to protect against possibility of session
hijacking? I thought of checking IP address on subsequent requests,
but apparently this cannot be relied on because of HTTP proxies etc.
Any wizdom on the matter? (I'm already saving the session files in a
directory protected from unwanted eyes.)
--
Arcady Genkin
i=1; while 1, hilb(i); i=i+1; end
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
