Cookies

Anon

How would would a set a cookie on a users computer with their username and password so that it expires immediately when they close the browser.

Anon

If you don't set an expiry time with the setcookie() function, by default it expires when the browser is closed. Keep in mind, though, that this does not guarantee that the cookie is cleared from the browser's cookie file, only that the browser will not return it to your page on the next request.

Personally, I don't think it is a good idea to set user id's and passwords in cookies, but every application and circumstance is different ;-)

-- Rich Rijnders
-- Irvine CA US

Anon

I agree as it makes it easy for someone to scrape the cookie file and log in as that person.

The better solution would be to give a temporary id that uses either a temperary entry in a database to sink everything up, or if you do not have a database a textfile.

then you can set time stamps that update and if it has been to long you can cancle connection.

This takes a bit more programming, but makes it alot easier to maintain security.

Anon

you can use session as well, personally , i am quit sick of using cookie