Something I used was this:
id | username | password | cookie_string
$foo = the id was rot13'ed then base64-encoded
$str = the cookie_string was an md5 hash generated at the time of registration
then a cookie was set:
setcookie(cookie_string,$foo.|.$str);
When the user returns, we checked for
PROTECTED]
om cc:
Subject: [PHP-DB] Index on email or ID
Always, always, always use a value that has no other significance other
than being a unique ID. Email addresses change and so do passwords, so
those are poor choices for linking data. They are fine and good choices
for login, but that's about the only thing they should be used for.
I've seen
Always, always, always use a value that has no other significance other
than being a unique ID. Email addresses change and so do passwords, so
those are poor choices for linking data. They are fine and good choices
for login, but that's about the only thing they should be used for.
I
