I have a user object which contains information about the user (username, ip, country, name, email… but NOT password).
Should I store just the username in the cookie and then retrieve all info from DB upon loading the page, or just store the entire User object in the cookie?
You can’t trust any information stored in a cookie, as the user can manipulate it at his/her leisure.
I suggest using a PHP session to store the object. That way, the end user only has a session ID stored in a cookie, with the real data on your server.
The session will eventually time out, though… forcing the user to log in again.
Edit: Whoops, I should point out that sessions are really easy to use. Just do the following:
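The session approach suggested in this answer, written out as an added example (not the answerer's code, which is missing from the page). The function names, the 30-minute idle limit and the sample user record are assumptions made for the illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical idle limit for this example; the page does not state one.
const IDLE_LIMIT_SECONDS = 1800;

// Start the session with a hardened cookie. The cookie carries only the session ID.
function start_secure_session(): void
{
    session_set_cookie_params([
        'lifetime' => 0,       // dropped when the browser closes
        'path'     => '/',
        'secure'   => true,    // assumes the site is served over HTTPS
        'httponly' => true,    // not readable from JavaScript
        'samesite' => 'Lax',
    ]);
    session_start();

    // Expire sessions that have been idle too long, forcing a new login.
    $last = $_SESSION['last_seen'] ?? null;
    if ($last !== null && time() - $last > IDLE_LIMIT_SECONDS) {
        $_SESSION = [];
        session_destroy();
        session_start();
    }
    $_SESSION['last_seen'] = time();
}

// Call only after the credentials have been verified elsewhere.
function login_user(array $user): void
{
    session_regenerate_id(true);    // fresh ID at login, old session data deleted
    unset($user['password_hash']);  // keep credential material out of the session
    $_SESSION['user'] = $user;      // stored server-side, never sent to the browser
}

// Returns the server-side user record, or null when nobody is logged in.
function current_user(): ?array
{
    return $_SESSION['user'] ?? null;
}

start_secure_session();
if (current_user() === null) {
    // Constructed sample record standing in for a row loaded from the DB.
    login_user(['username' => 'alice', 'country' => 'NL', 'email' => 'alice@example.test']);
}
echo 'Hello, ' . htmlspecialchars(current_user()['username'], ENT_QUOTES, 'UTF-8');
```

Editing the cookie in the browser can only change the session ID, which then matches no server-side record; the user fields themselves are never exposed to client-side tampering.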