View Poll Results: Cookies or Sessions?
- Voters
- 5. You may not vote on this poll
-
Sessions
-
Cookies
-
I dont care
-
Oct 10th, 2006, 09:49 PM
#1
Thread Starter
WiggleWiggle
Cookies VS Sessions
What one would you say is better. I thought that when i was using sessions, it was the same a cookies. Would it be better to use cookies for a login or sessions?
My usual boring signature: Something
-
Oct 10th, 2006, 10:14 PM
#2
Re: Cookies VS Sessions
a session is just that: one browsing session. the session will end once the browser is closed, and the user's session information will be lost. this is great for some types of websites.
cookies can be considered an ongoing session. they can last days, months, or even years.. or even just a few hours. you get to decide. they will end when their expire date has, well, expired. they will be stored in the user's computer forever (unless they're deleted/cleaned out by the users themselves), even when expired.
so, if you login to a website using session, and close the browser window, you will no longer be logged on. however, if you login to a website using cookies (and the cookie expire date is set (if you don't set a cookie expire date, the cookie will expire when the browser is closed)), and close the browser window, you will still be logged in if you revisit that website within the expire date. for the most part, cookies are the most ideal for creating something that your users will be logging into a lot (and using the same computer to do so), because it would be rather annoying to visit this forum and have to login every time i wanted to post something. this forum, and almost all that i know of, use cookies to log you in.
also: one thing to note, if you're using cookies, you should NEVER store very sensitive information in it, because it's saved on that user's computer and they (or anyone with access to it) can view it if they ever so please. storing usernames/passwords is ideal (and the passwords should be encrypted if you do this, for added security). you can pretty much store whatever information you want in session variables, because they're all relevant to the server, and don't have anything to do with that user's particular browser or computer. the information isn't saved on their computer.
-
Oct 11th, 2006, 02:27 AM
#3
Fanatic Member
Re: Cookies VS Sessions
 Originally Posted by dclamp
What one would you say is better. I thought that when i was using sessions, it was the same a cookies. Would it be better to use cookies for a login or sessions?
For what sort of solution?
-
Oct 11th, 2006, 03:14 AM
#4
Re: Cookies VS Sessions
What kows said applies to PHP's built-in sessions. If you write your own session system, you can let the session cookie outlive the simple browser session and still store everything in the "session".
My basic principle is: store the session ID as a cookie (if enabled). Store everything else in the session. It's easier, saves bandwidth, and hides internals from the user.
All the buzzt
 CornedBee
"Writing specifications is like writing a novel. Writing code is like writing poetry."
- Anonymous, published by Raymond Chen
Don't PM me with your problems, I scan most of the forums daily. If you do PM me, I will not answer your question.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|