PHP Cookie Session Implementation

I'm somewhat a beginner to php. I've used Coldfusion, on the other hand, quite a bit. I have a client that wants to be able to check his financial records such as credit card. An excerpt from their proposal:

"Our family needs a way to access vital financial information online quickly online anywhere in the world.
We travel a lot because we are a military family. We need access from PDAs, cell phones, and laptops.
This project will continue with many phases.
We eventually want to be able to use this site to automate as many functions as daily financial activities as
possible such as sending automated event notifications, store contacts, send reminder emails, and more.
In phase one, we want to start small with a few tables, text based pages, basic functions and alike.
During this phase we want to focus on the ability to synchronize, enter, manage, and access our basic home
bills, credit cards and bank accounts online. We also want to be able to enter, view, search, print, and delete
each of these records."

He wants to be able to check these records from cell phone, pda, laptop, etc. He has stated that he would like to be able to click a checkbox so that he can just stay logged in and not be bothered with signing in, again. Is there anyone who could point me into the right direction?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Richard QuadlingSenior Software DeveloperCommented:
I have to ask how on earth are you going to provide a secure service without the need to login each session?

Think about this.

They lose their phone. Someone finds the phone. They turn it on. See it has a browser and probably a browser history/shortcuts.

Sees something like "Home banking and credit cards".

Selects the page and they are in.

No security.

If you have been asked to supply this sort of system, GET IT IN WRITING THAT THEY UNDERSTAND THE SECURITY CONCERNS THAT YOU HAVE.

Explain to them why we have user ids and passwords.

Explain that you, as the expert in this field, strongly recommend AGAINST having a system with no security.

If they STILL want to go ahead, then get them to sign it and have it witnessed.

If you are in the US, I can be pretty sure that the first time they suspect somethings gone wrong, they will be at your door with a solicitor or 2 saying that you didn't tell them that ANYONE could access their data.

In the big scheme of things, this is the sort of job I would walk away from if they said they still wanted no security.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
HangingClownsAuthor Commented:
Thanks for the comment about what you thought. I've been told by others to back off of this project, and I thought that this one would be fine. But, since 3 out of 3 people so far say that I should back down, then maybe it's for the best.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.