Please don't worry about your admin.php file if you have applied Chat's latest patches along with my HTTP Authentication "technique" you will be protected at a much higher level, because, it requires a second level of authentication that you control. In addition, it matters not if they alter the GET, POST, COOKIE or whatever. Rest assured that our patches are as secure as they can be and thoroughly tested. And, when the kiddies come out with a variation, you don't have to change anything because it just doesn't matter. And, just for clarification, we have not yet elevated ourselves to a 'vendor' status. We are part of the community and intend to keep it informal.