i have a site which is secure with a username and password combination with mysql backend database.
the encryption is sha1 for the password.
what about securing the url? at the moment it displays for example:
if you modify the ID other users can see other pages they should not be able to.
would it be best to use a script like this: