>I want to protect a cgi with a login+pwd window first.
>In further actions of my cgi, is there a way to remember that login+pwd w
ere correct ?
1. You can set a cookie (login ok, and a time stamp)
check the cookie is valid
2. You can log the User IP, Time and the state of the user
check in file/db
problem: hard to code, slow in execute
3. you generate a session uid an redirect with this session id.
check the session id is valid
problem: you must check the current session uid an delete the old.
>Or do I have to add hidden fields to my forms with $login and $password
a very hard security hole.
cu Juergen Weisental