---------- Original Message ----------------------------------
from: "Don Vawter" <[EMAIL PROTECTED]>
>I have been asked to do a code review of a site and I have found that the
>developers don't bother to lock session variables when then read or write
>them. Does anybody have an good horror stories about the dangers of doing
>this so I legitimately show the customer why this is a problem.
Hijacked sessions
Corrupt data
Server crashing
That might help, or get an Allaire document that says session variables have to be
locked, to show that the previous coders didn't even follow the software builder's
advice.
Chris Norloff
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
