I’m new to PHP, I’ve read a lot of tutorials about cookies and sessions but I don’t understand some things clearly:
-
The session values are stored on the server, only the session id is stored in the users computer. Right?
-
Can I make a session that never expires, that is never deleted from the server and to save the session id in a cookie ? If yes than how ? (please provide me some code)
-
It`s not good to store data like passwords in cookies because cookies are not secure ? Right ?
-
It`s possible for a hacker to create a cookie with a session id of an another user ? Can a hacker guess the session id of a session or worst, the list with each session id ?
-
For a good login system (used for forums or websites where the user have some data) that can remember an user is better to use cookies, sessions or a combination of both with session id stored in cookies ?
-
Please provide me some code about how could I store the session id in a cookie and than how I can access a session if I know the session id
Thanks!
Let’s see…