John wrote:<br><div><span class="gmail_quote"></span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">In my opinion, the best practice for "remember me" functionality, is to
<br>store the encrypted/hashed username and password on the cookie, then<br>when the user returns to the site, try and log them in after decrypting<br>or comparing hash values, instead of having the user enter them manually.
</blockquote><div><br>I agree with this, but shouldn't you consider the problem of a different person accessing the computer after the real user has left? to tackle this problem something would have to be done, a possible solution would be what Dave Bauer said, just to ask for a password when the user returns
<br></div><br>I'll have to learn how to create cookies and to store information on them.<br><br>Any tips about encryption?<br><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Everything else should be instanced as per a "normal" login from then<br>on. If you have session specific information, then the session has<br>ended.. thus the new session will lose that information.</blockquote>
<div><blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote"><br></blockquote></div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
However, it is possible to store the session ID in the users cookie, so<br>if the session has not expired, and you override the cookie timeout, it<br>would be possible for the user to return to the same session (and also<br>
possible to return to the same session from a different machine - so be<br>warned of hijacking!)</blockquote><div><br>How do I get the session id and retrieve the session using this id? in which place do sessions dwell?<br>
</div><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Hope this helps,<br><br>John</blockquote><div><br>Thanks a lot John and Dave!<br></div>
</div><br>