Bad design? configuration problems? You will have better luck asking in the mailing lists, not here. Your note will be removed --- [EMAIL PROTECTED] wrote: > while reading alot about security here I'm noticed a > couple of bugs on sites with getting into the files > without actually loging in at all. For example. I > have read alot about never using the variables > instead use $HTTP_SESSION_VARS[example]. While doing > this work with say this example. > www.test.com/search.php?num=1>-- the user is unable > to log in to the site and is redirected. But when > trying it this way www.test.com/search?num=1 its > then unlocked and lets me in and I'm free to do as I > please. Anybody have an explanation for that? > > > http://www.php.net/manual/en/function.session-start.php > > > > -- > PHP Notes Mailing List (http://www.php.net/) > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > To contact the list administrators, e-mail: > [EMAIL PROTECTED] > ===== --- Jesus M. Castagnetto <[EMAIL PROTECTED]> __________________________________________________ Do You Yahoo!? Get email alerts & NEW webcam video instant messaging with Yahoo! Messenger http://im.yahoo.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]