on 7/10/03 9:51 AM, Raymond Camden at [EMAIL PROTECTED] wrote:
> Not related to your issue, but this:
>
> <cfelseif isDefined("COOKIE.LogInID")>
> <!--- Else the cookie WAS found, so we'll step in here
> and take the cookie's LoginID value to log in --->
>
> What is to stop me from editing my cookie and setting my ID to be
> someone else?
Yeah, I see that too. Before the end of the day I was gonna add a cfencrypt
to it. Wouldn't that do the trick?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4
Subscription:
http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Signup for the Fusion Authority news alert and keep up with the latest news in
ColdFusion and related topics.
http://www.fusionauthority.com/signup.cfm
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
