Lots of great information in this thread as far as solutions go, but what I'm wondering is the concept behind how someone actually can hijack a session if register_globals is off. Should all this encryption and added protection be added to scripts with register_globals off and when steps are made to ensure (in a shared environment) that only your script can access the session files/db information?
I seem to recall reading somewhere that a malicious user can manipulate cookies in a certain way to pass data directly into session variables, but the location I read this information escapes me. Any links or explanations would be much appreciated for designing security in future scripts. Thanks in advance.

- Chris Wanstrath

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
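An added illustration of the point the question circles around (this is not code from the thread or from any of its posters): register_globals only controls whether request data is copied into PHP variables; it has nothing to do with who is holding the session ID. The ID is a bearer token. Anyone who learns it (a sniffed cookie, an ID leaked in a URL) or who gets the victim to use an ID of the attacker's choosing before logging in (session fixation via `?PHPSESSID=...` when trans-sid is on, or a planted cookie) is the victim as far as `session_start()` is concerned. The script below shows the server-side settings and the one call, `session_regenerate_id()` at the login boundary, that close those paths. Assumptions: PHP 7.0 or later, the page is served over HTTPS, and `check_password()` is a hypothetical placeholder for your own credential check.

```php
<?php
// Added example, not from the original thread. Assumes PHP >= 7.0 and HTTPS.

// 1. Accept the session ID from the cookie only. With trans-sid on, an attacker
//    could mail the victim http://site/?PHPSESSID=attackerchosen, wait for the
//    login, then present the same ID in a cookie and own the session.
ini_set('session.use_only_cookies', '1');
ini_set('session.use_trans_sid', '0');

// 2. Refuse IDs this server never issued (session.use_strict_mode, PHP 5.5.2+).
//    Without this, PHP happily creates a fresh session under any ID it is handed,
//    which is exactly what fixation relies on.
ini_set('session.use_strict_mode', '1');

// 3. Keep the cookie away from script (HttpOnly) and off plain HTTP (Secure):
//    session_set_cookie_params(lifetime, path, domain, secure, httponly).
session_set_cookie_params(0, '/', '', true, true);
session_start();

function check_password(string $user, string $pass): bool
{
    // Hypothetical placeholder: replace with a lookup against your own user store.
    return $user === 'alice' && $pass === 'correct horse battery staple';
}

if (isset($_POST['user'], $_POST['pass'])
    && check_password($_POST['user'], $_POST['pass'])) {
    // 4. Swap the ID at the privilege boundary. Whatever ID the browser carried
    //    before login, possibly one the attacker planted, is now worthless;
    //    the old session file is deleted (true) rather than left behind.
    session_regenerate_id(true);
    $_SESSION['user'] = $_POST['user'];
    $_SESSION['ua']   = $_SERVER['HTTP_USER_AGENT'] ?? '';
}

// 5. Cheap consistency check on every request: a cookie stolen and replayed
//    from a different client usually fails it. This is a speed bump, not a
//    substitute for steps 1-4, since the User-Agent header is attacker-controlled.
if (isset($_SESSION['user'])
    && $_SESSION['ua'] !== ($_SERVER['HTTP_USER_AGENT'] ?? '')) {
    session_unset();
    session_destroy();
    header('Location: ' . $_SERVER['PHP_SELF']);
    exit;
}

if (isset($_SESSION['user'])) {
    echo 'Logged in as ' . htmlspecialchars($_SESSION['user'], ENT_QUOTES, 'UTF-8');
} else {
    echo '<form method="post">'
       . '<input name="user" placeholder="user"> '
       . '<input name="pass" type="password" placeholder="password"> '
       . '<button>Log in</button></form>';
}
```

The shared-hosting concern in the question is a separate axis: locking down the session save path stops a neighbour on the same box from reading session files, but it does nothing against the network-side attacks above, so both measures are needed rather than one or the other.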