"How do you think PHP knows which user has which session? "-
Well I guess because we register the session to some specific
user and password, the server knows which one is which.
-------------------------------------------------------------------------
Another question about the sessions is, how to make the
session be for the whole website until I logout (session_destroy).
For example; when I login on my website in the login page, I
have a session id, which can be seen in the address bar. When
I go to another page on my website, the session id already
disappeared.
----------------------------------------------------------------------------
"Cookies should only be for non-secret information.
Usernames are okay. Passwords are not." -
First of, can't you hash the password like with MD5 or something,
and by the way, doesn't the majority of sites like facebook, gmail,
ymail, etc, require cookies to login, register, etc. And one more,
when you logout, doesn't it sort of kills (deletes) the cookie?
Any help is appreciated
