I'm trying to make a customised session system (I could use PHP's built-in one, but I need a lot more control than it offers). I could use the autoincremented id in a cookie, but it would be easy for a hacker to change the cookie to gain access to others' data.

John W. Holmes wrote:

I could concat when selecting, but it will be used in the where clause
(it is neccesary to do it like this, I'm also md5ing it but forgot to
mention that), and I'm guessing it would be bad for the server to have
to concat and md5 in the where clause.

Yeah, I guess so. This all begs the questions though of why you're doing
all of this in the first place...

---John Holmes...

The above message is encrypted with double rot13 encoding.  Any unauthorized attempt to decrypt it will be prosecuted to the full extent of the law.

Reply via email to