As to your last point, can something else change the session vars other than my php scripts, answers to that question are exactly what I'm looking for.
Other PHP scripts on the same server (doesn't have to be same domain) and most anything that can access the filesystem could modify the session files. If you're on a shared server, (default) sessions can be modified by other users. If you've got a dedicated server, sessions are safe. I'd recommend saving sessions in the database on a shared server.
-- ---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
