Sessions and authenticaton

Anon

I'm building a site with a membersarea.

If a user login I compare his posted username/password against a database table, and if correct I set two variables in a session. His username and IP address.

On the following pages I only check if username session variable isset and if IP match.

My question is if this is safe enough? Or can improve my system in some way?

Thanks for your input,
Michael

Anon

Micheal:

I useally store the user name and the user ID in a session just to be safe. IP is ok but what if the person is on dail up?

Anon

Does IP change for dail up surfers?

I thought they keep the same IP once they are logged on, and only assigned a new one doing another logon.