Hi Curt,
> > if ($_SESSION['HTTP_USER_AGENT'] !=
> > md5($SERVER['HTTP_USER_AGENT']))
^^^
$_SERVER *g*
> If your using the same session for IE and netscape, the behaviour
> you are experiencing demonstrates how this can prevent session
> hijacking. Netscape, using its own session should work fine.
nope, it was just a missing underscore :-(
--
Best Regards,
Mark
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
