Jump to content

storing username and userid in cookies or sessions?

MDanz

By MDanz
in PHP Coding Help

 Share

Recommended Posts

MDanz Advanced Member

MDanz

Posted
Posted

I currently have it that when a user logs in their username and userid are stored in a cookie. As this isn't the most secure method i now plan on changing the method;

 

When the user logs in, a unique token is saved in the cookie. The username, userid, banned boolean and unique token are stored a session. The token in the cookie has to match the token in the session to be logged in.

 

I've thought about storing the token in the database? Alot of times in my code i quickly require the username and userid, so storing in a session is the most logical idea to me instead of always querying the database.

 

Anyway, is my method appropriate?; if not, what is a proven method?

 

I understand that if i want to do 'remember me'  i have to have the token stored in the db?

 

Any help appreciated.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.