Is there anyway to keep session even after browser close?

Question

Since Saving cookie is not safe. Is there anyway to keep session or set session expiration so even I close the browser and open it again. It will not redirect me again or ask me again to put my username or password.

public function __construct(){
session_start();
$this->check_login();
}
public function check_login(){
if(isset($_SESSION['user_id'])){
$this->user_id = $_SESSION['user_id'];
$this->logged_in = true;
} else {
unset($_SESSION['user_id']);
$this->logged_in = false;
}
}

if (isset($_POST['submit'])){
$username = $database->escape_value($_POST['username']);
$password = $database->escape_value($_POST['password']);
$found_user = $user->authenticate($username,$password);
if ($found_user){
$session->login();
redirect_to('index.php');
} else {
$message = output_message("Invalid Username or Password <br />");
}
}else{
$username = "";
$password = "";
}

Answer 1

You have to save user_id in the session when the user has logged in successfully.

if ($found_user){
    $session->login();
    $_SESSION['user_id'] = $username;
    redirect_to('index.php');
} 

And be sure $username is unique.

Answer 2

Session is only saved in the session cookie, so if the user clears the cookies the session will be removed. Cookies are not cleared when the user closes the browser. As per Ali's answer, check the lifetime of the session cookie.

If you are really interested in identifying a returning user without the use of cookies, google for "identifying user without using cookies". You will find interesting things to do, but nothing as reliable as cookie usage.

Answer 3

http://www.php.net/manual/en/function.session-cache-expire.php

http://www.php.net/manual/en/session.configuration.php#ini.session.cookie-lifetime

the better way to make this thing is to use cookies only because setcookie contain a timeout