1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

remember me option in login

Discussion in 'PHP' started by rekha, Dec 14, 2009.

  1. rekha

    rekha New Member

    Joined:
    Jan 17, 2008
    Messages:
    83
    Likes Received:
    0
    Trophy Points:
    0
    Hi,

    I have used cookies to set remember me option while login.If cookies are set,I have used sessions to set the login.But it seems to be hackable.How can I use secure login with remember me option.

    Pls suggest me a good solution.
     
  2. shabbir

    shabbir Administrator Staff Member

    Joined:
    Jul 12, 2004
    Messages:
    15,283
    Likes Received:
    364
    Trophy Points:
    83
    Encrypt your value stored in the cookies
     
  3. rekha

    rekha New Member

    Joined:
    Jan 17, 2008
    Messages:
    83
    Likes Received:
    0
    Trophy Points:
    0
    Then how to implement the username and store it in sessions for login.

    Thanks.
     
  4. shabbir

    shabbir Administrator Staff Member

    Joined:
    Jul 12, 2004
    Messages:
    15,283
    Likes Received:
    364
    Trophy Points:
    83
    Encrypted.
     
  5. rekha

    rekha New Member

    Joined:
    Jan 17, 2008
    Messages:
    83
    Likes Received:
    0
    Trophy Points:
    0
    I understand that we have to encrypt the details and store it in cookies but I dont know how to reassign them when login.
     
  6. shabbir

    shabbir Administrator Staff Member

    Joined:
    Jul 12, 2004
    Messages:
    15,283
    Likes Received:
    364
    Trophy Points:
    83
    No need to decrypt and compare both encrypted.

    Say you have value X Which when encrypted becomes djakshdakjs

    So now instead of converting djakshdakjs to X encrypt X and compare with djakshdakjs
     
  7. learn3r

    learn3r New Member

    Joined:
    Dec 19, 2009
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    0
    Occupation:
    student
    Location:
    /root
    Home Page:
    I don't know how you said its hackable. Use sessions for logins and cookies just for remember me options. I don't think you want the user to get logged in directly rather you want his/her username/email to be displayed in the form if he chooses remember me options.
     

Share This Page