From: "Hatzenbeler, Tim" <thatzenbeler@xxxxxxxxxxxxx> And the really smart people will use a tool like brad's geturi, and send a page a url with all the parameters and download the data...
That's why I store session variables for each user on the server rather than embedding them in cookies, query string parameters, or hidden form variables. Just the session ID is returned in the cookie. It helps thwart CGI hacking with tools like GETURI.
As an Amazon Associate we earn from qualifying purchases.
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.