I marked those I already know as "can", $_SERVER['REMOTE_ADDR'] CAN $_SERVER['HTTP_REFERER'] CAN $_SERVER['HTTP_USER_AGENT'] CAN $_SERVER['REQUEST_URI'] CAN ( cause it contains the query string part and user/hacker can easily change that ) Those I'm not too sure are as follows; $_SERVER['SERVER_NAME'] $_SERVER['DOCUMENT_ROOT'] $_SERVER['SCRIPT_NAME'] $_SERVER['PHP_SELF'] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
