Menu
is using $_SESSION, using the members userid a secure way to log a user in?
ie: i have a login form, to log the user in i register their userid into a session and use $_SESSION to verify the user is logged into their profile.
I guess what i am asking is that, can a malicious user manipulate the $_SESSION form and put in another users USERID?