Welcome Guest, Not a member yet? Register   Sign In
Suitabe tokens for autologin?

I have a function below which creates / inserts the customers autologin information

How ever I am not sure if the tokens and unique_tokens secure enough.

There is no personal information set in the cookie just tokens

Should I improve the tokens what would you suggest for tokens?

PHP Code:
public function create_autologin($customer_id
    $size mcrypt_get_iv_size(MCRYPT_CAST_256MCRYPT_MODE_CFB);
    $msg uniqid(rand());
    $key $this->CI->config->item('encryption_key');
    $token $this->CI->encrypt->encode($msg$key);
    $unique_token bin2hex(mcrypt_create_iv($sizeMCRYPT_DEV_RANDOM));

    $data = array(
        'customer_id' => $customer_id,
        'token' => $token,
        'unique_token' => $unique_token,
        'created' => time()

    if ($this->CI->db->insert($this->CI->db->dbprefix 'customer_autologin'$data)) {


        $session_data = array(
            'customer_id' => $customer_id,
            'is_logged_in' => true


There's only one rule - please don't tell anyone to go and read the manual.  Sometimes the manual just SUCKS!

Messages In This Thread
Suitabe tokens for autologin? - by wolfgang1983 - 07-27-2016, 01:21 AM
RE: Suitabe tokens for autologin? - by InsiteFX - 07-27-2016, 03:31 AM
RE: Suitabe tokens for autologin? - by CallHimX - 07-27-2016, 03:47 AM

Theme © iAndrew 2016 - Forum software by © MyBB