Imagine this setuation, you are in an Internet Cafe, you logged in to some account on the internet (Even if it was HTTPS), a cookie, or a session id cookie would be put on your computer, in IE the cookies would be put in some file on your computer, now if the Internet cafe supervisor got into your computer, he can read all the cookies he wants, and then set them on his machine, and (in the case of sessions) he could use your account until one of you logs out (in case of cookies, it's gone forever).
does anybody knows a way to solve that ...
PS: in the Internet Cafe you both have the same IP, so it's useless to try to save the IP in your session.
My Best solution is to tell everybody not to go to internet cafes ....
--
Ala'a A. Ibrahim
http://alaa83.blogspot.com/
_______________________________________________ Jordan PHP Users Group http://php.jolug.org/ Php mailing list [email protected] http://mail.jolug.org/mailman/listinfo/php_jolug.org
