Reputation: 9326
Advantages of Sessions over Cookies in PHP
So, I think I have a basic idea, of what Cookies and Sessions are. Cookies are stored on the client, and Sessions are stored on the server. But what I would like to know is what is the advantage of using a session over a cookie? Is a session simply used to share data between pages?
Upvotes: 2
Views: 7967
Answers (7)
Reputation:
Sessions are not reliant on the user allowing a cookie. They work instead like a token allowing access and passing information while the user has their browser open. The problem with sessions is that when you close your browser you also lose the session. So, if you had a site requiring a login, this couldn't be saved as a session like it could as a cookie, and the user would be forced to re-login every time they visit.
You can of course get the best of both worlds! Once you know what each does, you can use a combination of cookies and sessions to make your site work exactly the way you want it to.
refer : http://php.about.com/od/learnphp/qt/session_cookie.htm
Upvotes: 2
Reputation: 15159
Use both.
Only use a cookie to identify a session. Cookie data is sent with every request (even for images if they're on the web server). Minimizing the data in a cookie means less data being sent over the wire.
Store all other application data in a session. Be prudent to keep the session data small. A large amount of data in the session will overwhelm the server with memory usage if there are a lot of requests from many different users. Store large data in a User object in the object, or related objects linked to a User.
Hope that helps...
Upvotes: 0
Reputation: 1
Have a look: PHP - Sessions vs Cookies
sessions serve as temporary information holder that can hide information, whereas cookies serve as both a temporary and long-term information holder. After the difference between sessions and cookies is apparent, making the right choice for a website is rather simple. Though sessions may seem easier to use than cookies, never doubt the power and ease of using cookies.
Hope this helps.
Upvotes: 0
Reputation: 4121
A cookie's data can be modified, as the data is stored locally (on the client), where as a session's data is stored on the server, and can not be modified (by the client).
However, a PHP session sets a cookie on your browser, so that PHP can refer to the session key on the cookie, and give you the corresponding session. This means that if someone gets your session key, they can add a cookie to their browser, and essentially hijack your session.
Upvotes: 1
Reputation: 35117
Sessions are a better idea when you don't want the client to have the ability to mess with the data. For example using a session variable to store the User ID of the current user is alright. Using a cookie however is a huge security hole as a halfway clever person would be able to spoof other user ids and gain access to other accounts.
Upvotes: 8
Reputation: 12538
You use the cookie for session identification. You won't set all your important information in a cookie, because users can mess that information up. Data in your session is more secure.
Upvotes: 1
Reputation: 1
PHP sessions are implemented thru cookies in the client browser.
Upvotes: -3
Related Questions
- Advantages/disadvantages of using cookies to store a user ID?
- Session cookie versus other kinds of cookies
- Sessions or cookies?
- Session or Cookie [PHP]
- use of session and cookies what is better
- $_SESSION v. $_COOKIE
- user authentications via session or cookies?
- (dis)advantages of sessions vs cookies
- cookies vs sessions for php application
- php using sessions or cookies for user authorization