> -Original Message-
> From: Jens Kisters [mailto:[EMAIL PROTECTED]
> Sent: 08 September 2006 14:53
>
> we validate all incoming parameters and that includes checking if the
> phpsession ID is only numbers and letters and is 32 Bytes long.
> This worked for some PHP5 Servers but we just en
Hi,
we validate all incoming parameters and that includes checking if the
phpsession ID is only numbers and letters and is 32 Bytes long.
This worked for some PHP5 Servers but we just encountered an 5.1.2 that
issued sessionIDs that were 26 Bytes long.
I cant find any note about that in either of
2 matches
Mail list logo
