In site, when User edit own info I do hidden
his ID. But, I saw it is riskfull in this link : Malicious hacker can alter a hidden .
The second way, I think to save current logged user's ID in cookie. Can anyone change ID' value in cookie and edit info of other user?
If yes, which way can you advise me ?