Yes, it is really safe enough for most cases, but why include user data in a cookie when you can avoid it? In addition, there is a slight drawback:
What happens if a user manages to steal a cookie from another user, you will have to change the whole way cookies are created or so that the user always has access, so reset all cookies. Imagine this is your cookie that is stolen ...
This is my solution for this: create another row in the user table named userhash. When a user logs in, you generate a random hash without any input, just random and save it both in a table and in a cookie. Then you need to save userhash:timeout in a cookie. You check this against the database to see if it exists, if so, what your user is. When a user logs out, the cookie and row in the database are deleted. For obvious reasons, you will need to check if the cookie exists before the comparison (there will be many empty ones).
Note. This method would only allow one registered cookie, so the laptop and desktop would not. This is good because theft is getting harder because it lasts until the real user logs in, and bad because it only allows one computer. But you see the idea and how you can use this method, but have several computers that are logged in ... facebook-like.
PD, it would be nice if you said how secure your application should really be ...
PD2, if you have not thought about it, there are other serious security problems (for example, SSL).