I work with session to login users in my website.
The problem is, I want to allow users to remember
password, so after close/open the browser they dont need to login again.
Do I need to use cookies with session to make it?
my code:
$user = $_POST['user'];
$pass = $_POST['pass'];
$stmt = $mysqli->prepare("SELECT id, user, pass FROM users WHERE user = ?");
$stmt->bind_param('s', $user);
$stmt->execute();
$stmt->bind_result($id, $user, $pass2);
$stmt->fetch();
$stmt->close();
if (password_verify($pass, $pass2)) {
session_start();
$_SESSION["user"] = $user;
setcookie("user", $user, time()+3600000); // set the cookie and next?
}
so I set the cookie and then? how to login user next time? should I check if session['user'] is empty and them session = cookie value
?