How secure are session variables? Is there a way for a client browser to change the value of a session variable by bypassing the serverside code? Is the server the only thing that can change it? Why I ask this? I want to store values in a session variable but I only want my server-side code to be able to change that value.<BR><BR>plz answer fast.