Hello, thanks for all the replies. However, since I'm not very familiar with trans_sid I'll do some research on that. Michelle Konzack, if hiding the id in hidden form field element or enabling trans_sid could lead to security risks, what would you recommend as an alternative method to safely transfer user information across different pages in a website? Thank you. On 8/18/07, Michelle Konzack <linux4michelle@xxxxxxxxxx> wrote: > > Am 2007-08-17 22:07:47, schrieb Bastien Koert: > > > > If cookies are not available, you can either > > > > hide the id in the hidden form field element > > or > > enable trans_sid to automatically pass the session id in the url > > This will be a security risk since Session-Hijacker can grap the URL > > Greetings > Michelle Konzack > Systemadministrator > Tamay Dogan Network > Debian GNU/Linux Consultant > > > -- > Linux-User #280138 with the Linux Counter, http://counter.li.org/ > ##################### Debian GNU/Linux Consultant ##################### > Michelle Konzack Apt. 917 ICQ #328449886 > 50, rue de Soultz MSN LinuxMichi > 0033/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com) > >
