So this may be a bit of a stupid question but I'm not sure I'm understanding this completely. Currently, my site uses sessions to store username and a UserID across the site; however, the session lacks the ability to remember a user should they close the browser. I want to build an option that would allow a user, on login, to click "remember me" that will save there information for a specified period of time.
My question is, how would this work? So when the login page is processed, if a user checks the box I will do a setcookie command to create the cookie. Do I also create a session? Now, when the user returns, how do I check the cookie and more importantly, how do I ensure that information is secure? (I currently use SSL for the login and to set the session)
Thanks for the guidance!