1. "RE: School Me on Secure Login (PHP, of course)" In response to In response to 0
I'm no PHP expert, but I do have some experience with it.
I believe that the difference between sessions and cookies is that seesions are stored on the server, and cookies are stored on the user's machine.
"Also, I mean, should my script just poll the database for an entry with a matching email, check the password and then set the session values??" --Yes
"Oh and as for storing password... MD5 encryption the way to go?" --I've used SHA1 (http://us3.php.net/sha1). Not sure if one is better than the other.
----------------------------- There is no such thing as coincidence, just the illusion of coincidence itself.