formulated on donderdag :
> hi,
> i'm working on a site, which has a session created after a user
> logins, each page checks to make sure the session is there onload
> otherwise redirects to the login page. now the clients are asking us
> to make a remember me feature, is there any way to do this with the
> existing session set up? or do i need to rework it, as remember me
> from what i was planning was going to drop a cookie, so do i need
> change all those session checks to cookie checks or anyway to have
> remember me work with sessions instead? as they want it so if they
> close the pc for the night or just the browser and come back later or
> the next day login should not be required if they directly hit the
> homepage.
>
> Thanks.
The session itself doesn't close immediately when the browser is closed
(the server doesn't know that that browser closed). But as the browser
closes, it forgets it's session-cookie, so it can't go "back" to that
session.
What you will need to do is have a permanent cookie (that is: with
expiry date) stored on the client. When a "guest user" (that is: not
logged in) hits your homepage, check that cookie. If it contains a
valid "token" (you can decide what that is), then log that identified
user in automatically.
If the user explicitly logs out, remove that cookie by overwriting it
with an empty one.
Hans Kesting
Similar Threads
