I was meaning just the username, not the password, still the same issue? On Mon, 2005-10-10 at 21:35 +0200, Emil Novak wrote: > Yet another unsafe way... You can try to write a program that reads > stored cookies in Temporary Internet Files - it's peace of cake for > somebody that is advanced programmer. The best way is to "eliminate" > lazy users - you simply do not implement "auto login". It's the > fastest, safest and the easiest way to solve the problem. > > Emil NOVAK > LAMP Developer > > On 10/10/05, Dan Brow <dan@xxxxxxxxxxxxxxx> wrote: > > Well, um. ya. Back to the drawing board. Save it in a cookie? > > > > On Mon, 2005-10-10 at 14:59 -0400, Kilbride, James wrote: > > > If the session expired.. how will session hold their user id?? > > > > > > > -----Original Message----- > > > > From: Dan Brow [mailto:dan@xxxxxxxxxxxxxxx] > > > > Sent: Monday, October 10, 2005 3:05 PM > > > > To: PHP-Users > > > > Subject: Re: storing passwords in $_SESSION > > > > > > > > Thanks, figured that would be the case. Can't for life of me > > > > think why I wanted to do that, must have had a brain > > > > infarction. I want to have an expired session prompt so > > > > people can log back in with out having to start at the login > > > > page. Would having the users login saved in $_SESSION be > > > > alright? prompt them for their password and compare it with > > > > the password in the DB be fine? I want to reduce the amount > > > > of typing someone has to do when a session expires. > > > > > > > > Thanks. > > > > > > > > -- > > > > PHP General Mailing List (http://www.php.net/) To > > > > unsubscribe, visit: http://www.php.net/unsub.php > > > > > > > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php