Mr_Superstar
[H]ard|Gawd
- Joined
- May 1, 2000
- Messages
- 1,157
Hi. I've recently decided to develop a website as a personal project. I will be creating a website, and I wanted to know what the best way to store user authentication details.
I've seen a few examples that use a 'session' table that stores the session ID, the username, and the IP address.
My question is that are stale sessions a big problem with this scheme? Changing IPs and people not 'logging out' lead to excess rows being left in the table that will never be deleted. Is this really a problem?
Are there better ways to store/prove authenticated users?
I've seen a few examples that use a 'session' table that stores the session ID, the username, and the IP address.
My question is that are stale sessions a big problem with this scheme? Changing IPs and people not 'logging out' lead to excess rows being left in the table that will never be deleted. Is this really a problem?
Are there better ways to store/prove authenticated users?