Adrian Crum wrote:
ThanksSession cookies are totally different and separate from the very common username cookies. Keep studying.Also keep in mind that storing the session ID in a cookie is a security risk too - that session ID can be hijacked or reused by another user.
yes, but what is the alternative? Cheers Michael
Hence my initial question. Cookies are a security threat. That's why modern browsers give you the options of disabling them or removing them when the browser closes. -Adrian
