0

I am having issues with a website I am making. I need to do a thing like "Facebook" (manage session in the session page, more sessions at the same time):

  1. when the user login, I open a session, I give him a token and I store it in a MySQL database. And so far, everything is ok.
  2. If the user login, and set "remember me", I open a session, I give him a token and I store it in a MySQL database. But, how can I set a "remember me"? Because if he close the browser, he lose the session token.

I think I explained myself, please help me. I can't find anything in the web! :(

Barmar
  • 741,623
  • 53
  • 500
  • 612
  • 1
    Put the token in a cookie. – Barmar Mar 15 '14 at 11:03
  • Thank you for the good formatting! I am new and now I am learning how this awesome forum works! Is not the use cookies instead of sessions more unsafe? –  Mar 15 '14 at 11:08

2 Answers2

0

Mabey you could use cookies instead of session.
so store the data inside a cookie and call it when needed.

Goudgeld1
  • 342
  • 2
  • 12
  • Is not the use cookies instead of sessions more unsafe? –  Mar 15 '14 at 11:09
  • In my opinion it is both save if you store a token. don't store a password or some valuable information – Goudgeld1 Mar 15 '14 at 11:17
  • But if the user block the use of cookies? –  Mar 15 '14 at 14:39
  • Most users won't block them and if they do you can check it and just don't show a "remember me" button. [Here a link on how to check it](http://stackoverflow.com/questions/6663859/check-if-cookies-are-enabled) – Goudgeld1 Mar 17 '14 at 15:52
0

Yry using session_set_cookie_parameters and set the cookie life time to whateer you want:

<?php
  $lifetime=600; // set in seconds!
  session_set_cookie_params($lifetime);
  session_start();
?>
Dor Moshkovitz
  • 371
  • 1
  • 3
  • 9