Hi Hans,
common case of session use, though. I wonder if this could be a behavior controlled by a php.ini setting in the future? I guess what I
well there actually is a way to switch off this behaviour. You can disable any kind of session fixation attack by adding the line
php_admin_flag engine off
in your httpd.conf
So long Stefan
ps: If you find any kind of irony in my post, you can keep it...
-- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
