Jump to content

Recommended Posts

I'm new to sessions and cookies. I'm trying to understand how to use them effectively.

 

I've developed a login script.  I used sessions to manage logins, but my server clears sessions after 24 minutes and I want users to be logged in for longer.  So, I switched to Cookies.  Now, users can stay logged in for as long as the cookie says. 

 

Now, when I read up on login scripts, it appears that most people use sessions (but I could be wrong).  Is there a problem with ONLY using cookies?  Should I be using both?

 

Thanks,

H

It shouldn't really matter.  Sessions are more secure in nature than cookies, because the user can alter the cookies on there client system.  However if you do it right you should be fine google "php cookies security"

Get yourself up to date on the proper way to use them.  Also google "Sessions vrs Cookies" to get an in-depth listing of good/bad affects of choosing cookies over sessions or sessions over cookies.

If you write the session after you read it, it will stay active until 24 of inactivity

ie

very basic

<?php
function SecChk()
{
session_start();
if($_session['sec'] = true)
{
$_session['sec'] = true;
}else{
$_session['sec'] = false;
die("please login");
}

}


?>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.