I'm building a simple login form with a "remember me" checkbox. I've done
this before, just keeping the username and a hash of the password in a
cookie, and changing the expiration of the cookie based on the checkbox, but
this time I want to use sessions instead.
There's another site I was looking at which gives you a session cookie
immediately. When you log in, log out, quit the browser, or anything, the
cookie still contains the same session id, whether or not you checked the
remember me box. So the session hasn't expired, yet they still have the
"remember me" functionality.
How do you do that?
I'm thinking of tricks surrounding saving the time they logged in and
whether they chose the checkbox, but all of them would log a user out
eventually if they sat on the same page for too long.
So I'm wondering if anyone has some advice on that.
Ideally, I could make the session expire at different times based on the
checkbox, but using session_set_cookie_params has been giving me fits, and
seems to only work occasionally.
Any guidance would be appreciated.
Thanks,
-josh