On 1/8/2014 10:02 AM, Kent Borg wrote:
All a visitor has to do is add *?logged_in=1* to the end of the URL and they will have access. While this may seem obvious, it is an extremely common problem with PHP scripts.
I think that kind of problem only occurs with GET variables, and it's why I avoid using them.
Bill -- Bill Horne William Warren Consulting http://www.william-warren.com/ 339-364-8487 _______________________________________________ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss