I had worked on my own session management system with PHP 3.0
I read in PHP manual that not all PHP browsers can set HTTP_REFERER properly.
In my script what I do is,
If there is no HTTP_REFERER or if HTTP_REFERER is not coming form my site or if no session var set, then I creat new session var($session). But if not all browsers can set HTTP_REFERER then what is the work around?
Basically what I want to achive is, if someone tries to pass $session=something in URL from their site to my site, I want to create my own $session var and disregard $session=something.
