What are the recommended methods for implementing a "remember me" feature in a PHP login form?

To implement a "remember me" feature in a PHP login form, you can use cookies to store a user's login credentials securely. When a user logs in with the "remember me" option checked, you can set a cookie with a unique token that identifies the user. Upon subsequent visits, you can check for this cookie and automatically log in the user if it is present.

// Check if the &quot;remember me&quot; checkbox is checked
if(isset($_POST[&#039;remember_me&#039;])){
    // Generate a unique token
    $token = bin2hex(random_bytes(16));
    
    // Set a cookie with the token that expires in 30 days
    setcookie(&#039;remember_token&#039;, $token, time() + (30 * 24 * 60 * 60), &#039;/&#039;);
    
    // Store the token in the database for future reference
    // This is just an example, you should adapt this to your database structure
    $user-&gt;updateRememberToken($token);
}

// When a user visits the site, check for the remember me cookie
if(isset($_COOKIE[&#039;remember_token&#039;])){
    // Retrieve the user based on the token
    $user = $user-&gt;getUserByRememberToken($_COOKIE[&#039;remember_token&#039;]);
    
    // Log in the user if the token is valid
    if($user){
        $_SESSION[&#039;user_id&#039;] = $user-&gt;id;
    }
}

Keywords

sessions cookies authentication security persistent login

What are the recommended methods for implementing a "remember me" feature in a PHP login form?

Keywords

Related Questions