limiting content by session ok?

[Anonymous]

throughout my site i have been defining user only content by using

if(isset($_SESSION['ID_User']))

i then have a code that runs on each page load that checks ID_User and a few other sessions against the database and if they don't match up it runs session_destroy(); i was just wondering if this is secure or should i be doing something else to limit user only content?

 

[Anonymous]

This is a good solution. Of course, this could be hacked (AS EVERYTHING) but it is not so easy.

Second solution could be to create secured folder on server and password it by .htaccess.

Third solution is SSL ,..

But I'm using SESSION User Authentication and it works fine ;-)

 

[Anonymous]

Limiting data access using session variable is ok but if you can afford it then using SSL will be an added bonus as far security of your website is concerned.