Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Is it necessary to set a session and cookie for user login?

Posted on 2016-10-04
3
Medium Priority
?
61 Views
Last Modified: 2016-10-04
Currently, I have my code in such a way that if a user logs in without choosing "remember me", a session is set when they login. If they choose "remember me", I set only a cookie and no session. Is this acceptable or should you set a session as well? I am not sure what the common practice is.
0
Comment
Question by:Black Sulfur
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 41828537
Sessions normally set a cookie of their own.  I just use sessions for login.  "remember me" is usually for an 'automatic' login at a later date.  That would require a cookie because sessions don't last that long.
0
 
LVL 1

Author Comment

by:Black Sulfur
ID: 41828579
Thanks, Dave. So what I am doing is fine then? If they check the "remember me" checkbox  I then just set a cookie with an expiry date and don't set a session using $_SESSION['session_name'] like I would if they don't check "remember me".
0
 
LVL 111

Accepted Solution

by:
Ray Paseur earned 2000 total points
ID: 41828581
You should probably set a session as well.  This article shows the time-honored traditional solutions.  You can copy the code samples and use them, or just follow the logic and general guidance.
https://www.experts-exchange.com/articles/2391/PHP-Client-Registration-Login-Logout-and-Easy-Access-Control.html
1

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Developers of all skill levels should learn to use current best practices when developing websites. However many developers, new and old, fall into the trap of using deprecated features because this is what so many tutorials and books tell them to u…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question