I've read a few videos on cookie security and it makes sense that people can modify cookie values which is a problem I'm trying to figure out to *try* and prevent. What I'll first do is at the top of the page that validates if the cookie values is in the database, but what my next problem is they'd use usernames in the database as the vaues. Are there any preventable measures to prevent cookie forging or what not.
Thanks.
