On Wednesday 25 Jun 2003 16:15 pm, Rizal Firmansyah wrote: > So if someone hack other's session by guessing, cfid and cftoken (which is > easy cause they're both integer - cf5).
Or tie sessions to IP address' via a similar method. -- Thomas C Advanced ColdFusion Programmer PLEASE NOTE: When the Recipient Is Not Directly Observing This E-mail, It May Cease to Exist or Will Exist Only in a Vague and Undetermined State. PLEASE ALSO NOTE: I don't speak for the company that sent this. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
