Can the $_REQUEST be trusted?? The documentation said it is the combination of $_GET, $_POST, $_COOKIE & $_FILE. If the PHPSESSID is found in $_REQUEST, I can tell it is from $_COOKIE. I wonder if the PHPSESSID can be stored into $_REQUEST if hte $_COOKIE is unavailable or turned off?
FletchSOD -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php