Hello all,

I use a database instead of sessions to keep information about a user. One of my columns tracks the current page that the user is on, and it is simply an update to the table setting the value with $_SERVER['REQUEST_URI']. I have been seeing some strange urls in there lately, IE Welcome to Intel.

I thought request uri was generated by the server, and pays no attention to the given header information.

One of two things are happening here:
1) I have a breach in my code somewhere, which I don't see how is possible since this code never touches user input.
2) request_uri is sent by the header and is being modified.

Does anyone have any information or tips about this?