how many of you actually attempt to verify that the browser being used by the client is indeed a legitimate (non-hacked) browser?
I think you need to clearly define what a legitimate browser is. In my opinion, the ambiguity in your question is the root cause of the disorganization in this particular thread.
If you mean that you want to prevent a naive user from using software that is written by a malicious user, then current protocols and standards don't support what you want to do. "Where the rubber meets the road" is an HTTP transaction, and HTTP is a well-known protocol.
Chris -- Chris Shiflett Brain Bulb, The PHP Consultancy http://brainbulb.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
