Page 1 of 1

System security

Posted: Tue Feb 24, 2004 2:27 am
by S_henry
Once I login into my system, I carry the login and password value through querystring (eg. "main.php?login=<?php echo login ?>"). I use this way to all of my pages. I think this is not the best way because everybody can see the login and password value at the page link. So anybody got idea to solve this problem?

Posted: Tue Feb 24, 2004 3:43 am
by McGruff
Use sessions.

At login, set a session var - perhaps the user's name and/or id.