Welcome Guest, Not a member yet? Register   Sign In
Best practice to handle user data with cookies

I have some session issues, so i had to change my user login sessions to cookies. You can find below how it works. My question is: is it safe to have handle user login this way?

1) When user enters valid username and password i generate a random and unique string and store it in db and value in cookie. I also store users IP in db
2) On each page i look for the cookie if it exists, i yes, i do a db search for the string stored in cookie where visitors ip matches the stored last login ip.
3) on logout i delete the cookie, and string stored in db

Thank you, please let me know if there are any security (or other) issues with this process

Messages In This Thread
Best practice to handle user data with cookies - by tamasszabo - 12-22-2016, 06:28 PM

Theme © iAndrew 2016 - Forum software by © MyBB