I was very excited by the suggestion to use cookies to store the entire session information, and to keep it safe by means of base64 encoding and MD5 hash with a secret salt, for storing session information securely on the client.
I realized that there is something I am missing. Sometimes I may need to put something into the session after I did $cgi->start_html. I can do it if the cookie is only a session ID, with session data stored in mysql. But how can I change the cookie AFTER I called $cgi->start_html? If I can do that, I think that I am set to go. thanks Igor
