hi there
when i build a login system, i usually use login by checking a users table, and then save the info in a cookie, which is time-defined.
I am looking for a better more secure way to do this, which could include more advanced features, such as:
1) checking that the users isnt logged in twice at the same time
2) that the 'session' does not remain live if the browser window is closed
3) more secure - doesnt mean saving user info in session (?)
can anyone suggest anything?
thanks!
when i build a login system, i usually use login by checking a users table, and then save the info in a cookie, which is time-defined.
I am looking for a better more secure way to do this, which could include more advanced features, such as:
1) checking that the users isnt logged in twice at the same time
2) that the 'session' does not remain live if the browser window is closed
3) more secure - doesnt mean saving user info in session (?)
can anyone suggest anything?
thanks!
