Stephen - > It is NEVER a good idea to place sensitive information > (passwords, in this case) in cookies. They aren't any harder to > tamper with than are hidden form fields.
Hmmm...a session cookie is stored in temporary browser memory and not written to a file. Peeking about in a running browsers memory to find the cookie is a bit 'harder' than "View Source", IMHO <grin> If I understand the original question - the chap is trying to pass data between CGI instances during one browser session. The MOD_PERL suggestion from Mark certainly would work - but as noted, it has it's own startup learning curve. I stand by the suggestion that a session cookie is a potential solution. Depending on the level of 'sensitivity' of the data, SSL could be used, and the cookie text itself (even though stored only in memory) could easily be enrypted. Storing temp files on the server, presumably keyed by the REMOTE_USER has it's own bag of potential troubles that I'd personally prefer to avoid. :-) Cheers, Tim --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
