The issue: Cookies can easily be modified by users.
The solution: Use ext/session to store user data.
Hint: Never store passwords as clear text or too simple md5 hash.
<?php
function getPasswordHash($user$password) {
    return 
md5('mySite' $user $password);
}

echo 
getPasswordHash('username''password');
?>
Output
105560c8b35eeed063e10049b74612f1