What you're describing is very similar to PHP sessions. A user is given a unique ID, and on the server side the unique ID is assigned variables (in the form of the $_SESSION
superglobal). The user will then send the unique ID with every request (be it with a cookie or a get variable), and PHP will fetch the variables and set the proper $_SESSION
array.
This is somewhat problematic in terms of security. The session ID can be stolen (over insecure WiFi for instance), and then the server will wrongly identify the attacker as the victim (in case of administration and limited access, this is problematic). Nothing beats a good username/passphrase combo to secure an area.
If no sensitive information is stored, than by all means sessions are a very good solution.
See the PHP manual about sessions.
You should note though, if the user will erase his cookies (if the session ID is transferred via a cookie), or clear the URL from variables (in case of GET variable), the session will expire, and the user will no longer be recognized. A server cannot absolutely identify a client. What if the user would format/switch computers? Or what if he wishes to use your service from another computer? If those are the cases, then you want to use a registration and login system.