There's new code that prevents users from using the GET functionality to create
sessions on the site using PHPLIB.
Well, using:
session4.inc
custom_session4.inc
I created a session on my browser. Then I went to the database and deleted all
the sessions. I then reloaded the browser and the session reappeared in the
database.
So, does this mean someone using a terminal program or other program who is
capable of handwriting an HTML exchange, could craft a cookie session and have
it be accepted?
If this is true, that means:
Creating a GET session can't be done,
Creating a COOKIE session CAN be done?
Also, I don't know if this is the fault of PHPLIB, or the PHP4 Native sessions.
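
The behaviour described in the message above (a deleted session row coming back when the browser re-sends its cookie) is modelled here next to a strict lookup that refuses IDs the server does not know. This is an added example, not code from PHPLIB or PHP; the function names and the array standing in for the session table are assumptions, and it needs PHP 7.1 or later.

```php
<?php
// Added illustration; not PHPLIB or PHP session source code.
// $store stands in for the session table (constructed sample data).

/**
 * Permissive lookup: any ID the client presents is adopted. If the row is
 * missing it is created under the client's ID, so a deleted session
 * reappears on the next request.
 */
function resolve_permissive(array &$store, ?string $cookieId): string
{
    $id = $cookieId ?? bin2hex(random_bytes(16));
    if (!isset($store[$id])) {
        $store[$id] = [];   // row recreated under the client-chosen ID
    }
    return $id;
}

/**
 * Strict lookup: an ID is honoured only while its row exists on the server.
 * Anything else is discarded and a fresh server-generated ID is issued.
 */
function resolve_strict(array &$store, ?string $cookieId): string
{
    if ($cookieId !== null && isset($store[$cookieId])) {
        return $cookieId;
    }
    $id = bin2hex(random_bytes(16));
    $store[$id] = [];
    return $id;
}

// Constructed scenario: the browser still holds a cookie, the rows are gone.
$cookie = 'deadbeefdeadbeefdeadbeefdeadbeef';   // constructed sample value

$store = [];
$id = resolve_permissive($store, $cookie);
var_dump($id === $cookie);          // was the client-supplied ID accepted?
var_dump(isset($store[$cookie]));   // is the deleted row back in the store?

$store = [];
$id = resolve_strict($store, $cookie);
var_dump($id === $cookie);          // same two checks for the strict lookup
var_dump(isset($store[$cookie]));
```

Later PHP versions expose the strict behaviour for native sessions as the `session.use_strict_mode` setting.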