I use a custom session handling system for internal requests and data abut cookies to store more long term information, such as details to auto log users in when they visit the website etc.
Results 11 to 16 of 16
Thread: User authentication
-
-
Not really, it would depend on the user doing it.
Originally Posted by Scriptz
Some users just check to see if the cookie, or the session is there, and no real verification on the user or anything else.
Same, I don't use $_SESSION at all, my own MySQL session management using a unique indentifier which would relate in some what to using PHP's own session management. Originally Posted by Mentor
Of course you could always just use the callback provided by PHP for using your own handling system, but heh, making your own would insure that you know how it works
-
I use Sessions for well, the session.
If they click "Remember Me!" then it sets a cookie with like a 30 letter string (already in the users row in the database) that is totally unique and when they log on the next day, it goes and gets that string and uses it to get the rest of the information from the database.i've been here for over 8 years and i don't know why
-
08-02-2008, 09:45 PM #14
Originally Posted by MrCraig
I do the same,
But I make sure I use session hashing for the cookies for security
-
I do the same with the session hashing as well as checking against the IP and other various things Originally Posted by Jin
-
08-02-2008, 10:31 PM #16
I use a mixture.
Cookies for saving information if they want [ ] Remember Me.
Sessions for general everything.
Reply With Quote
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts