Session

Anon

I've written a login script,it connects to a mysql db and check's the user and password, if it returns true i've written the following thing:

session_start();
session_register("username","password");
header("Location: addNews.php");

in addNews.php I use session_start and check again if the username and password are correct (via db). is this a secure way for doing that or are there big security holes?

Thanks in advance

Gianni

Anon

i use sessions. it's fairly secure. the public can't read your PHP scripts so u don't have much to worry about...