Thank you very much for those answers guys !
Since I´ve learned programming and PHP by myself, I miss some of those tricks...
Now that you pointed me that making a DB query for everything is the safer way to go, WHAT ABOUT PERFORMANCE ?
I mean... If I only store the user_id in session, everytime a user make a request I would have to performance all these queries:
* Get the USER group
* Get his GROUP permissions
* Get the USER ACL permissions
* Get the USER company_ID
Before every request my code would run 4 queries....
Why not save those data in session ? Wouldnt the performance be increased in a high usage program ?
THANK YOU !