TalkPHP - View Single Post

Village Idiot · 04-04-2008, 04:01 PM

Cookies are a fine way of storing login data. They are just as secure if the proper precautions are taken (as must be done with sessions). The general way I do it is this.

Cookie id
[The users ID]

Cookie pass
[The users pass]

At every page where it displays data you should be logged in to see, I have a function verify that ID and password in the database. If they match, the user is logged in. If they do not match, the user is given an error message.

Also, NEVER have the members username as the validating data, it could cause problems if there are more then one users by that name. Find the user by their unique ID.

04-04-2008, 04:01 PM	#5 (permalink)
Village Idiot Wizard Join Date: Sep 2007 Posts: 1,299 Thanks: 17	Cookies are a fine way of storing login data. They are just as secure if the proper precautions are taken (as must be done with sessions). The general way I do it is this. Cookie id [The users ID] Cookie pass [The users pass] At every page where it displays data you should be logged in to see, I have a function verify that ID and password in the database. If they match, the user is logged in. If they do not match, the user is given an error message. Also, NEVER have the members username as the validating data, it could cause problems if there are more then one users by that name. Find the user by their unique ID. __________________