I’m wondering what is happening when a user logs in to a website with or without checking a “stay logged in” checkbox.
From what I understand, session_start() creates a variable on the server and stores the session ID in a cookie in the client’s browser, which is destroyed when that browser is closed.
Following that reasoning, I guess that checking the “stay logged in” checkbox pushes the expiration date back by N seconds, which would be achieved by setting:
setcookie(session_name(), session_id(), time()+N);
In that case, I see no need to use cookies, at least for the login process.
Am I right or awfully wrong? 🙂
The way I have written an option like that is to create a token and store it in the database along with the user ID. I then give that token to the browser as a cookie. Any time a page request is made, I first check whether the user has an active session, then whether they have this token cookie. If they have a token cookie, I look in the database to see whether it is valid and, if so, create a session with that user ID.
I’m sure this is an insecure, easily breached method, however.
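As an added example (not code from either poster), here is a worked version of the token-in-the-database approach from the answer above, with the safeguards a practitioner would want on top of it: the cookie carries a random selector plus a random validator, the database stores only a hash of the validator (so a leaked table does not yield usable cookies), the comparison is constant-time, the row expires, and a token is single-use so a stolen cookie is worth little after the legitimate browser has used it. The database is simulated with an in-memory PHP array keyed by selector so the file runs from the CLI; the cookie name and the `setcookie()` call in the comment are assumptions about how it would be wired into a real site.

```php
<?php
// Added example, not the original posters' code. Run with:  php remember_me.php
// The "database" is an array keyed by selector; in production each entry would be
// one row (selector, validator_hash, user_id, expires_at). Cookie name assumed.

declare(strict_types=1);

const REMEMBER_ME_COOKIE = 'remember_me';    // assumed cookie name
const REMEMBER_ME_TTL    = 30 * 24 * 3600;   // 30 days, in seconds

/**
 * Issue a persistent-login token for $userId.
 * Returns the cookie value for the browser. The store receives only a hash of
 * the validator, so the secret half of the cookie never sits in the database.
 */
function issue_remember_me(array &$store, int $userId, int $now): string
{
    $selector  = bin2hex(random_bytes(12));   // public lookup key
    $validator = bin2hex(random_bytes(32));   // secret, only the browser gets it

    $store[$selector] = [
        'user_id'        => $userId,
        'validator_hash' => hash('sha256', $validator),
        'expires_at'     => $now + REMEMBER_ME_TTL,
    ];

    return $selector . ':' . $validator;
}

/**
 * Check a cookie value. Returns the user ID on success, null otherwise.
 * A successfully used token is deleted so the caller re-issues a fresh one;
 * a wrong validator for a known selector is treated as theft and revoked too.
 */
function validate_remember_me(array &$store, string $cookie, int $now): ?int
{
    $parts = explode(':', $cookie, 2);
    if (count($parts) !== 2) {
        return null;
    }
    [$selector, $validator] = $parts;

    $row = $store[$selector] ?? null;
    if ($row === null) {
        return null;
    }

    $expired  = $row['expires_at'] <= $now;
    $mismatch = !hash_equals($row['validator_hash'], hash('sha256', $validator));

    // Whatever the outcome, this selector is finished: single-use tokens.
    unset($store[$selector]);

    if ($expired || $mismatch) {
        return null;
    }
    return $row['user_id'];
}

// ---- demonstration against the simulated store ----
$db  = [];
$now = time();

$cookie = issue_remember_me($db, 42, $now);

// In the web flow the value would be sent with Secure and HttpOnly set:
//   setcookie(REMEMBER_ME_COOKIE, $cookie, $now + REMEMBER_ME_TTL, '/', '', true, true);
// and a successful validation would be followed by
//   session_start(); session_regenerate_id(true); $_SESSION['user_id'] = $userId;
// before issuing a replacement token.

echo 'valid cookie -> ' . var_export(validate_remember_me($db, $cookie, $now + 3600), true) . PHP_EOL;

// The token was consumed above, so replaying the same cookie fails.
echo 'replay -> ' . var_export(validate_remember_me($db, $cookie, $now + 3600), true) . PHP_EOL;

// A real selector with a forged validator fails and revokes the row.
$cookie2 = issue_remember_me($db, 42, $now);
[$sel2] = explode(':', $cookie2, 2);
echo 'forged validator -> ' . var_export(validate_remember_me($db, $sel2 . ':' . str_repeat('0', 64), $now), true) . PHP_EOL;
echo 'row revoked -> ' . var_export(!isset($db[$sel2]), true) . PHP_EOL;

// An expired token fails.
$cookie3 = issue_remember_me($db, 42, $now);
echo 'expired -> ' . var_export(validate_remember_me($db, $cookie3, $now + REMEMBER_ME_TTL + 1), true) . PHP_EOL;
```

The selector/validator split is what makes the hashed-storage trick work: the database lookup is by the public selector, so the server never has to hash-and-search, and `hash_equals()` keeps the comparison of the secret half from leaking timing. Remembering that this cookie is a second credential, it should only ever be set on a session that was established by a password (or equivalent) login, and clearing it on logout should delete the matching row, not just the cookie.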