> Can anyone point me to a possible solution for this?
1. Use SSL.
2. Throw away an existing session id, if a user authenticated
successfully (e.g. destroy the old session, and copy the
data into a new one).
3. Provide a logout button which destroys the session.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
