[eluser]mvdg27[/eluser]
Basically the reason I need this kind of thing is that my client doesn't want the user profiles to be browseable to easily.
I'm writing this app for an alumni database. All the alumni profiles are public, and they can be accessed with a search function for all logged in user. The only thing they want to prevent is people going through all the profiles just by changing the URL and possibly ripping all the contact details (they somewhat want to prevent their database of alumni).
I'm aware that this is never fool proof. In this case the goal is just to have a very basic "protection".
I agree that md5 might not be too smart, since once you figure out I'm using md5, it's just as easy as entering all the id's in the URL. However in my case, there is no need for a super safe solution.
I'll look into the suggestions you made.
Thanks, Michiel