When a user registers at my site, a random number is md5 encrypted and assigned to them and is stored in the database. When they login, this number is stored in a secure cookie. On certain pages that may contain sensitive user information such as order history or other, the page looks for the cookie and if it doesn't match the number in the database, they are not allowed access. I was wondering if this is a secure way to make sure it is the unique user who is actually viewing the information?
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
