It would be possible to do this if I then created another table to load
their profile data to and use the unique id as the identifier. It would
make it alot harder for someone to guess an ID. I would then need a way to
flush out their records from the second table when they are finished.
Easily enough done using a logout script but who actually does this
anymore. It would be possible to create a script to run through cron to
delete records from that table that are more than say 30 minutes old.
Good idea, thanks.
> If that's the way you have to do it, then make the ID that identifies
> the user something very hard to guess. Take a look at uniqid() in the
> PHP manual. Assign the user a unique id after they supply the correct
> username and password, and then pass that value around in the URLs.
> ---John Holmes...
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php