#1
An alternative to user identification...
Figuring out how to identify a user and avoid the PHPSESSID long string in the URL (if using sessions) or cookie-based session handling (which is flawed), I came up with the following method. I would like to ask you for comments.

What happens upon each access to index.php:

1. A cookie, for example "USERCOOKIE", is tested for existence.
2. If the cookie exists, the value is read.
3. The value consists of a UID:LOGCODE pair, separated by ':'.
4. UID is the numeric ID into the user database.
5. LOGCODE is an MD5-encrypted code of a randomly generated 16-char string.
6. The user is searched for by UID value in his ID field (primary key, unique, auto_increment).
7. The LOGCODE field is extracted from the database and compared to the one from the cookie.
8. If the UID exists and the LOGCODEs are equal, the user is identified by his ID.
9. If the user exists, a new cookie is set on his computer and the database is updated (he gets a new logcode string).

So, when a user logs in, he receives a logcode in his database entry (UPDATE...). The cookie is set on his computer with expiration time time()+60 sec. index.php generates a page that reloads every 55 seconds. If the user is idle (does nothing), his browser will reload, thus registering him again. Otherwise, upon each access to index.php he is registered over and over again.

When the user logs out, the cookie is deleted (set with the same name but an empty value and expiration time set to -3600 sec), and the LOGCODE in the database is set to NULL.

Possible pitfalls:
- slowdown of the system, because with each click on the page he is re-identified (SELECT, UPDATE, SELECT)

Although regeneration of the LOGCODE is possibly not required, this is to avoid the storage of the last LOGCODE on the client's computer in case he does not log off but shuts down the connection (or otherwise goes away). Each LOGCODE is valid for 60 seconds or less.

Please share your thoughts...

Vlad.
Dev Articles Community Forums > Programming > General Programming Help > User identification through cookies
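The scheme Vlad describes (cookie holds UID:LOGCODE, the server looks the UID up, compares the stored logcode, and on success rotates it and re-sets a 60-second cookie; logout nulls the database field and expires the cookie) is simulated below as an added example. It is not code from the post, and it is Python with an in-memory table standing in for the MySQL users table rather than the PHP the thread is about. It departs from the post in three places, each marked in the code: the database keeps a SHA-256 hash of the logcode rather than the logcode itself, so a dumped table does not yield usable cookies; the comparison uses a constant-time compare; and the 60-second lifetime is enforced server-side as well as by the cookie's Max-Age, since a client can present an expired cookie anyway. Function names, the `UserStore` class and the `Set-Cookie` helpers are all assumptions made for this example.

```python
import hashlib
import hmac
import secrets

COOKIE_NAME = "USERCOOKIE"
LOGCODE_TTL = 60  # seconds; matches the post's time()+60 cookie expiry


class UserStore:
    """Constructed stand-in for the users table: uid -> logcode_hash, logcode_expires."""

    def __init__(self):
        self.rows = {}

    def add_user(self, uid):
        self.rows[uid] = {"logcode_hash": None, "logcode_expires": 0}


def _hash_logcode(logcode):
    # Departure from the post: the table stores a hash of the secret, not the secret.
    return hashlib.sha256(logcode.encode("ascii")).hexdigest()


def issue_logcode(store, uid, now):
    """Generate a fresh random logcode for uid (the UPDATE at login and on every
    verified request) and return the cookie value UID:LOGCODE to send back."""
    logcode = secrets.token_hex(16)  # 16 random bytes, hex-encoded
    row = store.rows[uid]
    row["logcode_hash"] = _hash_logcode(logcode)
    row["logcode_expires"] = now + LOGCODE_TTL
    return "%d:%s" % (uid, logcode)


def logout(store, uid):
    """Equivalent of setting LOGCODE to NULL in the database."""
    row = store.rows.get(uid)
    if row is not None:
        row["logcode_hash"] = None
        row["logcode_expires"] = 0


def identify(store, cookie_value, now):
    """Steps 1-9 of the post for one request to index.php.

    Returns (uid, new_cookie_value) on success, (None, None) otherwise.
    A success always rotates the logcode, so the presented cookie value is
    single-use, exactly as in the post."""
    if not cookie_value:
        return None, None
    uid_str, sep, logcode = cookie_value.partition(":")
    if not sep or not uid_str.isdigit() or not logcode:
        return None, None
    uid = int(uid_str)
    row = store.rows.get(uid)  # SELECT ... WHERE id = uid
    if row is None or row["logcode_hash"] is None:
        return None, None
    if now > row["logcode_expires"]:
        # Departure from the post: server-side expiry, not just the cookie's.
        logout(store, uid)
        return None, None
    # Departure from the post: constant-time compare of the two hex digests.
    if not hmac.compare_digest(row["logcode_hash"], _hash_logcode(logcode)):
        return None, None
    return uid, issue_logcode(store, uid, now)


def set_cookie_header(cookie_value):
    """Set-Cookie line for a freshly issued logcode (60-second lifetime)."""
    return "Set-Cookie: %s=%s; Max-Age=%d; Path=/; HttpOnly; Secure; SameSite=Lax" % (
        COOKIE_NAME, cookie_value, LOGCODE_TTL)


def clear_cookie_header():
    """Set-Cookie line used at logout: empty value, expiry in the past."""
    return "Set-Cookie: %s=; Max-Age=0; Path=/; HttpOnly; Secure; SameSite=Lax" % COOKIE_NAME


if __name__ == "__main__":
    store = UserStore()
    store.add_user(42)
    first = issue_logcode(store, 42, now=1000)          # login
    print(set_cookie_header(first))
    uid, second = identify(store, first, now=1030)       # normal click
    print("identified as", uid, "; rotated:", second != first)
    print("replay of first cookie:", identify(store, first, now=1031))
    print("second cookie after 61 s idle:", identify(store, second, now=1030 + 61))
    logout(store, 42)
    print(clear_cookie_header())
```

The replay and idle lines in the demo are the two properties the post relies on: a cookie value that has been used once is rejected thereafter because the stored code was rotated, and a value older than 60 seconds is rejected even if the client still presents it. The HttpOnly, Secure and SameSite attributes on the Set-Cookie line are additions of this example that the post does not mention.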