Nevermind, just found the $HTTP_SESSION_VARS array...

Thanks anyways!  Take care,

--Noel

"Noel Wade" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi all,
>
> So I have a session variable; but with register_globals active on the
server
> I'm hosted at (no way to turn it off), just checkng for "$varX" in my
script
> could retrieve the session variable, a GET variable with the same name, or
a
> POST variable with the same name - and as a security concern, someone
could
> use a GET request (http://somehost/mypage.php?varX=0) to spoof the script
> into thinking that "varX" is the wrong value.
>
> So, is there any way in a script to specify that I want to retrieve the
> value stored in the registered session_variable("varX")??
>
> Thanks,
>
> --Noel
>
>
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to