https://www.webmaster-forums.net/crss/node/1025113 en https://www.webmaster-forums.net/serverside-scripting/remember-me-login-script#comment-1152973 <blockquote class="bb-quote-body"><p><strong>Busy wrote:</strong> It's not that I don't want to use a cookie, just want to use a cookie in a secure way.</p></blockquote> <p>in that case the quick answer is to talk to someone who has actually written a thesis in secure cookies.<br /> at least i think he said it was a masters tehesis. i knwo he did write a paper on it.</p> <p>go to the php develeoper's network.</p> <p>look got nielsen (sp?).</p> <p>sorry i cant be of more help.<br /> had a major motherboard issue</p> Sun, 13 Jun 2004 02:09:59 +0000 m3rajk comment 1152973 at https://www.webmaster-forums.net https://www.webmaster-forums.net/serverside-scripting/remember-me-login-script#comment-1152967 <p>Wouldn't that be their own problem? Not to minimize it, but if they choose to be "logged in" automatically, it's on their head, not yours if they do that in a public internet cafe?</p> Sat, 12 Jun 2004 22:53:36 +0000 Suzanne comment 1152967 at https://www.webmaster-forums.net https://www.webmaster-forums.net/serverside-scripting/remember-me-login-script#comment-1152966 <p>It's not that I don't want to use a cookie, just want to use a cookie in a secure way.</p> <p>example; if I just put the users id and encrypted password into the cookie, who ever uses the cookie would always get a true result and be logged in to said account. Because NZ is mostly diapup uses their ip's changes all the time so comparing user id to ip would more often than not be false.</p> Sat, 12 Jun 2004 22:42:33 +0000 Busy comment 1152966 at https://www.webmaster-forums.net https://www.webmaster-forums.net/serverside-scripting/remember-me-login-script#comment-1152961 <p>Is there a reason you can't use a cookie? That's really the most common route.</p> Sat, 12 Jun 2004 19:27:33 +0000 Suzanne comment 1152961 at https://www.webmaster-forums.net