>>All ya gotta do is have three invisible GIFs on all three sites that come
>>from the *other* sites and the GIF does the set_cookie() of whatever their
>>user ID is.
>
>I'm not sure where you got this idea, but you should investigate
>further. A banner ad is usually nothing more than an image, a
Richard Lynch wrote:
>Would setCookie('user_id', $PHPSESSID, 0, '/othersite.com');
>
>let you get away with setting the cookies for the "other" site?
>
Luckily no. :-)
There are vulnerabilities in IE 4.0 - 6.0 that will let you read/write
cookies not in your domain, but this is a result of a
>Hello all fellow-hackers
>
>I am working on a project that includes a number of web sites, which are
>grouped together into one network. Kind of like the OSDN network, of which
>Slashdot.org, for example, is a member.
>
>I need to implement a cross-site session. Using a technique, similar to th
3 matches
Mail list logo