0

My login script:

if (login_user($user_login, $password)){//Login check is verified
            ini_set('session.cookie_lifetime', 60 * 60 * 24 * 365);
            ini_set('session.gc_maxlifetime', 60 * 60 * 24 * 365);

            session_start();
            $user = get_user($user_login);
            $_SESSION['username'] = $user['username'];

When I login for testing, the session is active between different pages on both Firefox and Chrome. No problems there.

Though, when I restart the browser, the Login session is lost in Chrome, whilist I'm still logged in in Firefox.

I've tried to google the issue but the main pointed out issue is a missing favicon which I have in my root folder.

EDIT

  • I don't know if it helps, but I've found a cookie in Chrome called PHPSESSID (related to my website) and it basically says "Expires when browser closes".

  • The same cookie, PHPSESSID, expires on Friday, May 3, 2019, 2:12:28 AM

E.Abbott
  • 35
  • 8
  • Possible duplicate of [Is possible to keep session even after the browser is closed?](https://stackoverflow.com/questions/3684620/is-possible-to-keep-session-even-after-the-browser-is-closed) – Can O' Spam May 04 '18 at 10:08
  • I did set session.cookie_lifetime though. I don't understand why it is persistent in Firefox but not in Chrome? I don't think it's because Firefox keeps running in the background, because I have restarted the PC several times and it's still logged in. – E.Abbott May 04 '18 at 10:18

1 Answers1

1

In this case you should use session cookie for exactly checking when Browser session is opened - it is the idea behind the function.

What you are looking for is something called Persistent Login Cookie that is something similar to "Remember me" functionality mostly used in login forms. Basically you set encrypted login cookie on user's browser and then can use it for automatic authentication of user.

This answer on Stack Overflow may be helpful: Improved Persistent Login Cookie Best Practice

richardev
  • 976
  • 1
  • 10
  • 33