Thank you for your reply.
I think I may not have explained my scenario to well, or possibly i have failed to understand your response.
I've got the user login side sorted. i'm using the ID in the login session to ensure members can only see their logs etc.
My concern is around the editing of these logs that the users create.
May I suggest you visit the site and try it for yourself;
After you receive a confirmation email, login and update a log.
Youll see the url id i'm concerned about. if you change it to 1, 2 or 3 they will return other members logs.