when logging into the site I use sessions

$_SESSION['session_username']=$username;

but this session lives until the browser closes! how to implement authorization such as vk.com so that after the browser is closed the session does not close and in principle remains active until the user clicks "logout"

1 answer 1

You need to use cookies . I here once answered about the session.

In cookies, you can specify a lifetime, when creating a variable, and the browser will store data all the time, or until you delete it. But, you have to protect such data, and in no case should you pass authentication data or personal / secret data into the cookie, as This data is transmitted to the client, and can be read.

If you set the cook life time to 0, they will be session time, i.e. will be erased after closing the browser. As the same SESSID , which is overwritten, and after opening the page again, is not sent to the server, so PHP cannot allocate the old session and creates a new one.

  • one
    Session in PHP is already based on cookies. And you need to look here php.net/session_set_cookie_params - Alexey Ten
  • If set to 0, or omitted, the cookie will expire. Apparently you did not follow the link, there it is told about it. - A1essandro
  • Only you have about cookies in general, and here about specific cookies that underlie the mechanism of PHP sessions. And how they work, I know perfectly well - Alexey Ten