A friend of mine needs help, we are both PHP newbies. Here's her prob:
I have user authentication program that uses mySQL to store the username/password and
other information that they entered when they registered. The secured pages use
?userid=$userid at the end of the page name to designate who the user is. (example:
main.php?userid=admin) I want to make this more secure so that you can't just type
the example in and have access to the admin files (or type in someone's username and
have access to their files). I'm using a cookie right now but I'm having troubles
with it because you have to refresh the main page every time you login or it says that
you're not a valid user.
Steph
