Session files
Posted: Wed Oct 05, 2005 3:24 pm
I just read a tutorial that explains how to change the path that session information is saved in... now when I change the path, and open that directory via the url bar, I get an index listing all session files, and when I open any of those files, I can see exactly what is in that session. Isn't that a MAJOR security issue? How can this be fixed??