on 17/07/02 11:11 AM, Analysis & Solutions ([EMAIL PROTECTED]) wrote: > On Wed, Jul 17, 2002 at 10:43:24AM +1000, Justin French wrote: >> I set a >> cookie on their system which remembers them, which is just their username >> and an md5() of their pasword (the same data I add to the session). > > OUCH! Sending the password back out to the net is a scarry prospect.
Interesting -- I haven't actually implemented this on a live site, but was about to in the next few days... might hold off :) How else can you verify the user in a "remember me" situation? Justin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php