spoofing php session variables?
My website uses a lot of session variables at certain points. I was wondering if there is a way for someone to "spoof" a session variable so that if he or she knew the php variable name they could use some kind of technique to put in whatever value to that session variable they wanted. Thanks.
