Hi i have a membership system on my site and i noticed a problem that is on my site. The user can change the a cookie information which holds the users id, after that the user can be logged in as a different user by changing the id, i was wondering how i can avoid this problem, i don't need any code by the way just a idea to help stay away from this issue.

That's why I try to avoid cookies except to hold generic information that the scripts only reference or if they do require, cross-reference before using (e.g. it stores username/id/joined-date (unix timestamp, makes it incredibly hard to guess), check to see if all 3 pieces match up, if not, log them out). The $_SESSION variable is reasonably nice and efficient as well and is entirely based on the user's browser.

Though I'll warn you, if a hacker wants to get in or screw with your website, it's only a matter of time. You're job is just to make sure they get frustrated and give up before they find a way in ;)