I am not using browser cookies as I know they can be manipulated. I am using session cookies, but the problem for me is that the user logs in and is logged out automatically if he/she restarts the computer or browser.
What is the best way to prevent this or have something like “keep me signed in [√]”? I have seen most websites with this feature.
Thanks a lot in advance!
You’d have to set an expiration time on your cookie. Normally, session cookies are deleted when the user closes the browser. Cookies with an expiration time are only deleted when the cookie expires or the user clears the browser cache, uninstalls the browser, etc.
In PHP, for example, you could use the setcookie('somename', 'somevalue', timeoutvalue) method for more permanent cookies and retrieve them using $_COOKIE['somename'], as opposed to $_SESSION['somename'] = 'somevalue'. If you want some more security, you could save the login status to the database as well, and compare it to the cookie each time the user goes to your website. That way you prevent someone from tampering with the cookie to fake their identity.
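The database comparison suggested in this answer, as an added example that is not part of the original post: the cookie carries a random token, the server stores only its hash, and every request compares the two. The table name, cookie name, 30-day lifetime and the in-memory SQLite database are assumptions made for the illustration.

```php
<?php
declare(strict_types=1);
// Added example; all names are assumptions. Needs PHP 7.3+ with pdo_sqlite.
const COOKIE_NAME = 'remember_me';
const LIFETIME    = 60 * 60 * 24 * 30;   // 30 days, in seconds

function initSchema(PDO $db): void {
    $db->exec('CREATE TABLE IF NOT EXISTS remember_tokens (
        selector TEXT PRIMARY KEY, validator_hash TEXT NOT NULL,
        user_id INTEGER NOT NULL, expires INTEGER NOT NULL)');
}

// Call after a successful password login when "keep me signed in" is ticked.
function issueToken(PDO $db, int $userId): string {
    $selector  = bin2hex(random_bytes(9));    // row lookup key, not secret
    $validator = bin2hex(random_bytes(32));   // secret, stored only as a hash
    $expires   = time() + LIFETIME;
    $db->prepare('INSERT INTO remember_tokens VALUES (?, ?, ?, ?)')
       ->execute([$selector, hash('sha256', $validator), $userId, $expires]);
    $value = $selector . ':' . $validator;
    setcookie(COOKIE_NAME, $value, [
        'expires' => $expires, 'path' => '/', 'secure' => true,
        'httponly' => true, 'samesite' => 'Lax',
    ]);
    return $value;
}

// Returns the user id for a valid cookie value, or null.
function checkToken(PDO $db, string $cookie): ?int {
    $parts = explode(':', $cookie, 2);
    if (count($parts) !== 2) { return null; }
    [$selector, $validator] = $parts;
    $st = $db->prepare('SELECT validator_hash, user_id FROM remember_tokens
                        WHERE selector = ? AND expires > ?');
    $st->execute([$selector, time()]);
    $row = $st->fetch(PDO::FETCH_ASSOC);
    // hash_equals() compares in constant time
    if ($row === false || !hash_equals($row['validator_hash'], hash('sha256', $validator))) {
        return null;   // unknown, expired or tampered token
    }
    return (int) $row['user_id'];
}

// Constructed demo; on a real request pass $_COOKIE[COOKIE_NAME] ?? ''.
$db = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
initSchema($db);
$cookie = issueToken($db, 42);
var_dump(checkToken($db, $cookie));         // valid token
var_dump(checkToken($db, $cookie . 'x'));   // tampered validator
```

When checkToken() returns a user id, call session_regenerate_id(true) and populate $_SESSION as after a normal login. Delete the token row on logout so the cookie stops working.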