On my site, when a user logs in, their password is encrypted using md5() and the username and encrypted password is then passed from page to page using hidden form inputs (clicking on a link submits the form using POST). Does anyone have any comments on this method e.g. security wise? I know I could use sessions or cookies but is it relly necessary?
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
