<div>
Sessions normally set a cookie of their own. &nbsp;I just use sessions for login. &nbsp;&quot;remember me&quot; is usually for an 'automatic' login at a later date. &nbsp;That would require a cookie because sessions don't last that long.
</div>


Sessions normally set a cookie of their own.  I just use sessions for login.  "remember me" is usually for an 'automatic' login at a later date.  That would require a cookie because sessions don't last that long.

<div>
Thanks, Dave. So what I am doing is fine then? If they check the &quot;remember me&quot; checkbox &nbsp;I then just set a cookie with an expiry date and don't set a session using $_SESSION['session_name'] like I would if they don't check &quot;remember me&quot;.
</div>


Thanks, Dave. So what I am doing is fine then? If they check the "remember me" checkbox  I then just set a cookie with an expiry date and don't set a session using $_SESSION['session_name'] like I would if they don't check "remember me".

<div>
<div class="content wysiwyg-content">
Currently, I have my code in such a way that if a user logs in without choosing &quot;remember me&quot;, a session is set when they login. If they choose &quot;remember me&quot;, I set only a cookie and no session. Is this acceptable or should you set a session as well? I am not sure what the common practice is.
</div>
</div>


Currently, I have my code in such a way that if a user logs in without choosing "remember me", a session is set when they login. If they choose "remember me", I set only a cookie and no session. Is this acceptable or should you set a session as well? I am not sure what the common practice is.

Is it necessary to set a session and cookie for user login?

PHP is a widely-used server-side scripting language especially suited for web development, powering tens of millions of sites from Facebook to personal WordPress blogs. PHP is often paired with the MySQL relational database, but includes support for most other mainstream databases. By utilizing different Server APIs, PHP can work on many different web servers as a server-side scripting language.