can cookie do session task to check ur login status and some doubts in cookie and session and any spacial location for cookie in html page

Question

Hi everyone

I want to add remember me option in my login page.Now is it possible without using session or cookie and tell me which one should i use here cookie or session...

Now if i am signed out and shut down my pc and then again start it as i enter the url of my login page either username and password muse be filled in both boxes or automaticlly i get login...

How i can do this...

I am confused in session and cookie..I know that cookie is sent to our computer when i visit any site..is it like this...Some doubts are here

1. Is password and username are automaticlly thrown into ur computer when u use any login page which have not used cookie concept in his page..
2. i have two pages one is login page and second one is password_matching page..NOw if i create a cookie which store my user name and password,next time what type benifit i can get from this cookie and how i will call a cookie there..
3. I use session for checking wheher i am logged in or not ,can i use cookie in the same way to check whether i am logged in or not..
4. is there any spacial location where i should use cookies on my html page.Like i use session in very first line for checking does session exist or not...

Also tell me where session should be used and where cookie should be used.

Answer 1

I cannot answer everything now but some thoughts:

Mostly it is a browser feature that your username and password are already filled in the form. E.g. Firefox always asks if you want to store the password and username for the site you just logged into. So this is totally independent from any cookie or session using.

The automatic login on the other hand has something to do with cookies. Mostly in such a cookie a token is stored that gets transferred to the website which checks in some database whether the token is valid or not.

The only thing you could implement such a feature without cookies is to put such a token in a URL, the user has to bookmark. But I would not use such a construction for automatic login.

Answer 2

Sessions depend on cookies (usually).

Cookies have a lifespan. If no lifespan is set, a cookie will die when the user closes the browser. This is called a "session cookie". Sessions use session cookies (but not all session cookies are sessions).

By default (you can override this), PHP sessions depend on a cookie called PHPSESSID.

---

You can use URL parameters, instead of cookies, for sessions, but don't.

Answer 3

Session ends when browser is closed, cookie can have a long lifespan. cookie has a 4kb memory limit and I'm pretty sure session does not have a limit.

You would use a cookie for "remember me" feature. and set the cookie to expire 2 day later or 2 year later