This is quite easy - you'll be interested in two cookies: w3t_myid and w3t_key.
myid contains the user number. key contains an md5 hash of the user number + the password as stored in the database (i.e. md5("$user_number$password"))
Some Perl, as my PHP is a little rusty...
use CGI::Cookie; <br />use Digest::MD5 qw(md5_hex); <br />my %jar = fetch CGI::Cookie; <br />my $this_user_number = $jar{"w3t_myid"} ? $jar{"w3t_myid"}->value() : 0; <br />if($this_user_number) { <br /> my $passwd = $dbh->selectrow_arrayref("select U_Password from w3t_Users where U_Number = ?", undef, $this_user_number); <br /> my $key = md5_hex("$this_user_number$passwd->[0]"); <br /> if($key ne $jar{"w3t_key"}->value()) { <br /> # User is logged in, but password doesn't match <br /> } else { <br /> # User is logged in, and password matches <br /> } # end if <br /> <br />} else { <br /> # User is not logged in <br />} # end if <br />If all your code is in PHP, you might want to look at including the Threads libraries directly, then using the internal calls to authenticate the user... though this may be difficult if your application is on the complex side. Things might conflict a bit.
Anyway. Once you've authenticated the user, then you can just pull the rest of the user info out of the database based on his number.
