Thanks for all the suggestions! I found something which suits me just fine based on your ideas - wanted to share it.
The system separates most of the elements in the database (including the e-mails) based on project. That means that the users are notified when a project is created and given a specific e-mail address to use for that specific project. They then use the respective e-mail address to send e-mail messages and the system parses the "to:" field to set the proper project for the newly uploaded e-mail. The addresses are of the form "OPT archive #7 <[EMAIL PROTECTED]>" for project 7 (OPT is the name of the software package). So, my solution is simply using distinct e-mail addresses for each user of the form "OPT *A5BD8 #7 <[EMAIL PROTECTED]>", where A5BD8 would be the first five characters in the user's hashed password in the database. I may implement an optional high-security mechanism based on Billy's suggestions, but I don't know if this would be actually needed for the access level breaching this security system allows - I mean, if you do trick the system, all you're able to do is post an e-mail. The real user you're impersonating doesn't have any problems deleting it once logged in, so no harm done! Thanks again! Bogdan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]