I want to know in my application which is mainly php, which is best method in order to keep a user logged into a site until they have logged off. Could it be tokens, sessionlife, cookies etc?

At the moment this is how my login and logoff system works:

When a user logs in, it stores in their details in a $_SESSION:

if (isset($_SESSION['teacherid'])) {

      $userid = $_SESSION['teacherid'];

  }

if (isset($_SESSION['teacherusername'])) {

      $username = $_SESSION['teacherusername'];

  }

Then in every script it contains the code below where the sessionlife lasts for 12 hours:

<?php

ini_set('session.gc_maxlifetime',12*60*60);
ini_set('session.gc_divisor', '1');
ini_set('session.gc_probability', '1');
ini_set('session.cookie_lifetime', '0');
require_once 'init.php'; 

session_start();

?>

init.php is this below:

 <?php
 session_save_path('Session'); 
 ?>

Now after 12 hours the next time the user refreshes the page, as the session will be destroyed, it goes to the logoff page:

    if ((isset($username)) && (isset($userid))){
        session_destroy();
        echo "You have been Logged Out | <a href='./home.php'>Home</a>";
    }

    else {

        echo "You are Not Logged In";

    }

Obviously if the user clicks on the logout page then it navigates to script above.

But is this a good way of doing it? Is there a much more convenient way because if you look at proper web applications, they can keep users logged in for days, but how do they do this?

Thanks