|
|
Posted by Rik Wasmus on 01/13/08 02:51
On Sun, 13 Jan 2008 03:24:42 +0100, thib´ <thyb0@coralsnake-team.com>
wrote:
> Rik Wasmus wrote:
>> On Sun, 13 Jan 2008 02:22:06 +0100, Peter Pei <yantao@telus.com> wrote:
>>> cannot see the connection
>> 1. Usenet Etiquette
>> 2. We're talking about sessions, and the way to keep them for only one
>> person. What is it you don't understand that there's no way they can be
>> implemented with any reliability (unless you force them to be carried
>> through $_POST, and even then...)
>
> IP/Password hash via $_GET and no ck?
Same machine, same IP, same problem people 'giving' some other one an url
which happens to have their password hash...
--
Rik Wasmus
Navigation:
[Reply to this message]
|