That's what cookies are for. They don't have to be saved. Folks who turn off cookies can be educated to turn them back on, rather than expose the "educated" users to these types of security issues.
Dan <snip> Sorry, as users almost NEVER log out but simply close the browser window the has to be a timeout mechanism. However, because the session ID is in the header any person using that computer afterwards can continue with the old session, they just have to look at the browser history. :-( </snip> To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
