Best practice to handle user data with cookies |
I have some session issues, so i had to change my user login sessions to cookies. You can find below how it works. My question is: is it safe to have handle user login this way?
1) When user enters valid username and password i generate a random and unique string and store it in db and value in cookie. I also store users IP in db 2) On each page i look for the cookie if it exists, i yes, i do a db search for the string stored in cookie where visitors ip matches the stored last login ip. 3) on logout i delete the cookie, and string stored in db Thank you, please let me know if there are any security (or other) issues with this process |
Messages In This Thread |
Best practice to handle user data with cookies - by tamasszabo - 12-22-2016, 06:28 PM
RE: Best practice to handle user data with cookies - by enlivenapp - 12-22-2016, 09:26 PM
RE: Best practice to handle user data with cookies - by skunkbad - 12-23-2016, 12:58 AM
|