On Mon, April 24, 2006 8:10 am, Ahmed Saad wrote: > On 4/21/06, tg-php@xxxxxxxxxxxxxxxxxxxxxx > <tg-php@xxxxxxxxxxxxxxxxxxxxxx> wrote: >> redirects to: >> http://www.example.com/index.php?action=edit&type=customer&id=1234&adminaccess=1 > > > and you put admin access flags (read, determine roles) in URL > parameters? Hopefully that's just a REQUEST to have admin access, not a form of authentication... -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
