Hi all,Just wanted to get your opinion on a discussion currently going on on the general list.
Why does the PHP session extension not use something like the user agent to validate that a session ID has not been hijacked? Or is this something that just hasn't been implemented yet?
-Stut -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
