I am building a forum and I am not sure about the best practices of setting up a cookie.
Here is the cookie that I build as user registers the site:
setCookie($name,$ip,time()+300000,"/");
instead of this: time()+300000. I want the cookie last forever, but I am not sure how to do it.
Also, I have a question regarding on security. how do I check that the cookie wasnt tampered or set by a hacker?
Another question, how do I check if the user allows cookies on his browser?
UPDATE:
I put this as soon as login validation is valid: setCookie($name,$ip,time()+60*60*24*365,"/");
UPDATE:
if(!isset($_COOKIE['$name'])
{
$salt="androidprogrammer26@yahoo.com";
$hash = SHA2(salt + $_POST['pass']);
setCookie($name,$hash,time()+60*60*24*365*50,"/");
}