On Wed, 20 Oct 2004 12:27:41 -0400, Tim Slattery <Sl********@bls.gov>
wrote:
Fabri <no@sp.am> wrote:
Jeff Cochran wrote:
Sure. Session variables
Aren't session variables stored in cookies?
No. They are stored on the server. The server sends a cookie to the
browser which identifies the session. When the browser sends that
cookie back, the server knows where to look to find the stored server
variables.
Which may or may not defeat the objective of the poster, if cookies
are the issue and not the ability of a hacker to change a cookie and
spoof your store.
Jeff