Join David Powers for an in-depth discussion in this video How the autologin system works, part of Managing PHP Persistent Sessions.
- In this chapter, we'll examine the code…to log in users automatically…and create persistent sessions.…To do so,…we need to be able to identify the user.…On the first visit…we'll authenticate the user in the normal way,…asking for user name and password.…The log in form will also offer a "Remember Me" option.…If this is selected…we'll store a single-use cookie in the user's browser…in addition to the session cookie.…When the user returns to the site…we use the single use cookie to identify the user.…
If the cookie's still valid…the user is logged in automatically.…However, we need to be aware that cookies can…be hijacked or copied.…So for security,…we need to re-authenticate the user…by asking for user name and password…when accessing sensitive pages…such as user account details,…changing a password,…or shopping cart checkout.…The value of the single-use cookie…that identifies the returning user…must not be guessable.…The approach I've used is to give each user…a unique eight-character ID or user key.…
In the example database…
- Configuring sessions
- Inspecting how session data is stored
- Implementing persistent sessions
- Creating a SQL database to store session data
- Implementing the PHP SessionHandlerInterface
- Writing session data
- Closing and destroying sessions
- Creating an auto-login system with persistent sessions
- Creating persistent logins
- Checking out visitor credentials
- Authenticating users
- Logging out users selectively
Skill Level Intermediate
Accessing Databases with Object-Oriented PHPwith David Powers3h 47m Intermediate
1. Sessions and Security
2. Preparing the Database
Connecting to the database5m 49s
3. Storing Session Data in MySQL
4. Creating an Autologin System
5. Testing the Autologin System
Final thoughts3m 9s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.