How can cookies be securely implemented in PHP to store user login credentials?
To securely implement cookies in PHP to store user login credentials, you should use techniques like hashing and encryption to protect sensitive information. Additionally, you should set the Secure and HttpOnly flags on the cookie to prevent attacks like cross-site scripting (XSS) and ensure that the cookie is only transmitted over secure connections.
// Set cookie with hashed user login credentials
$username = 'example_user';
$password = 'example_password';
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
setcookie('login_credentials', json_encode(['username' => $username, 'password' => $hashedPassword]), time() + 3600, '/', '', true, true);
Keywords
Related Questions
- What are the security considerations when generating dynamic links to external resources, such as a shop, in a PHP script?
- Why is using Prepared Statements recommended over manually sanitizing user input in PHP?
- How can the mktime() function be used to determine the number of seconds since 1.1.1970 in PHP?