on 17/07/02 11:11 AM, Analysis & Solutions
([EMAIL PROTECTED]) wrote:
> On Wed, Jul 17, 2002 at 10:43:24AM +1000, Justin French wrote:
>> I set a
>> cookie on their system which remembers them, which is just their username
>> and an md5() of their pasword (the same data I add to the session).
> OUCH! Sending the password back out to the net is a scarry prospect.
Interesting -- I haven't actually implemented this on a live site, but was
about to in the next few days... might hold off :)
How else can you verify the user in a "remember me" situation?
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php