Please Critique my PHP authentication efforts

Question

After posting this a while back, I decided to create my own Registration / Authentication capability in PHP. I\'d love anyone to point out the flaws / opportunities for improve

Answer 1

If I get the flow right, then if I know your username and site name, go to the site name and give you a cookie with the username (since sessions, after all, are saved as cookies), I'm in - no password needed? Isn't that a flaw?