[Phplogcon-dev] logged in via cookie

[Michael Meckelein]

Hi Brian,

If I understand the concept of your session handling correctly, it is no
longer possible to keep the user logged in longer than the browser
session.

I know it is more insecure remember users via cookie, but this is a
feature most of the users like. Actually this was one of the 'have to'
features as we introduce the user interface.

The user should decide if he wants to use cookies for remembering or not
in my opinion. Of course, we should mention in the documentation (and/or
provide a link to "read about using cookie" or something similar) that
using cookie can be insecure.

Best Regards,
Michael