i created user login system and with this function i start sessions
function sessionStart() {
$session_name = 'sec_session_id'; // Set a custom session name
$secure = false; // Set to true if using https.
$httponly = true; // This stops javascript being able to access the session id.
ini_set('session.use_only_cookies', 1); // Forces sessions to only use cookies.
$cookieParams = session_get_cookie_params(); // Gets current cookies params.
session_set_cookie_params($cookieParams["lifetime"], $cookieParams["path"], $cookieParams["domain"], $secure, $httponly);
session_name($session_name); // Sets the session name to the one set above.
session_start(); // Start the php session
session_regenerate_id(true); // regenerated the session, delete the old one.
}
i use sessions cookie just as you can see in function which i menotioned above i store this sessions in memcached to boost up my operation.now i need to create a cookie which store user data in it.for example i need user id then i store user id in cookie like this
setcookie('userid','1234',time()+240000)
and after that i need user password and username in case of keep user logged in.but i know i should not keep password in cookie.if not keeping password in cookie when our server crashes because of using memcache we will loose all users session.am i right?then how should i keep user logged in..please just explain.no need to bother yourself to writing code.
thanks in advance
I suggest you to keep your client logged-in data in a SQL database and give the SQL row a random salt + hash and then assign that hash to a cookie. Then you just fetch the info from the database each time.