andrewsmd - 1:42 pm on Sep 1, 2009 (gmt 0)

If you want to save their log in after they close the browser for an extended period of time then you need to use a COOKIE. Also, for the security issue, you can store the passwords encrypted, but anything that can be decrypted can be hacked and someone could catch it. What I would recommend is having an encrypted session variable name with an encrypted value. Look at this php

//if the user is logged in set the variable to this
$_SESSION['userLogged'] = md5("loggedIn");

var_dump($_SESSION['userLogged']);

Just use their username to get their information, but check if that session variable equals that to see if they are logged in.