Reputation: 8075
Remember me function using database to store details
i have a 'working' login form which validates and uses bound variables.
My site now is almost ready (content wise) to be put online so im now coming back to the login process as i want that 100% before releasing to public.
I want to have a remember me function, but cant find any help / tutorials on going about it via a database. I read a post here while back that said the best way was to store hashed values in DB and check it against a cookie.
I cant find this post anymore and googling returns old code or simple cookies for the function. I can find various posts talking about the area, but no code i can view andtry ti implement.
I want to learn the 'proper' way to do this so just need pointing in the right direction.
As well as this, i will create a delay timer on incorrect attempts and also use some hidden fields. But the remember me comes first.
Thanks, Craig.
Upvotes: 0
Views: 662
Answers (1)
Reputation: 4399
Using cookies and checking the value in the database would be the best approach. There are many tutorials of how you can make such a function. this post seems to cover what you need to know.
As mentioned there, you need to remember that a remember-me cookie can't be 100 % secure, so when the user logs in with the cookie and is about to edit some very sensitive information, a re-login should be required.
Upvotes: 1
Related Questions
- Is my php "Remember me" system secure/practical?
- How to put remember me (cookie) in PHP
- Proper way to use "Remember me" functionality in PHP
- PHP remember me cookies
- How to add "Remember me" feature in login form using php
- PHP: Remember Me and security?
- What's a secure way to create a "remember me" system in PHP with cookies?
- Implementing a "remember me" feature
- Writing Remember Me for login
- Remembering and validating user using cookies