Re: [Phplib-users] Multi-domain sessions?

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

At 10:05 AM -0500 12/5/02, Walters Justin Peter wrote:

>so can you simply pass it in the URL?

That's the way I'd do it too.

>will want to verify the HTTP_REFERER so that sessions can only be
>"hi-jacked" by your sites.

HTTP_REFERER is supplied by the user and cannot be trusted.

 ...R.