Hi Andy, On 12/7/05, Andy Pieters <mailings@xxxxxxxxxxxxxxxx> wrote:> Right now when the user is logged in, I put its id in the session.> Then when the user edits his details I put the id in the form and when it> comes back I verify if the id matches the one in the session. Well, is session data saved in a "secure" place on the server side?Read Form Processing and Sessions sections in the PHP Security Guidehttp://phpsec.org/projects/guide/ Regards,Ahmed
