Problem: Once I have ticked "Remember me" and login, then close the browser and re-open the webpage on the same browser my session(cookie)is automatically destroyed, but not the session data in the DB. How can I prevent the cookie from being destroyed once I close the browser ?
ps:
the logged_in() function wasn't secure enough. What I did is following:
if ($sess_hash == $db_hash) return TRUE; //if hash from session variable matches this hash user is logged in
}
return FALSE;
}
return FALSE;
}
Code:
public function hash_string($value)
{
return sha1($value);
}
I just hash the user id,password and email address and put it encrypted into session_id. Everytime he logged_in() function is run it checks by getting the DATA from the DB if the hash is matches and redirects accordingly.