http://hi.baidu.com/aullik5/blog/item/ebbed3a39e50bcabcbefd0d1.html http://www.inbreak.net/archives/173 http://www.google.com.hk/#hl=zh-CN&source=hp&q=Session+fixation&oq=Session+fixation&aq=f&aqi=&aql=&gs_sm=e&gs_upl=36l1309l0l1428l3l2l0l0l0l0l0l0ll0l0&fp=1ed925fd374f992c&biw=1280&bih=922 http://www.codeproject.com/KB/session/SessionFixation.aspx http://stackoverflow.com/questions/5081025/php-session-fixation-hijacking