Thursday, January 21, 2016

Differences between cookies and sessions?

Sessions are server-side files that contain user information, while Cookies are client-side files that contain user information. Sessions have a unique identifier that maps them to specific users. This identifier can be passed in the URL or saved into a session cookie.
Most modern sites use the second approach, saving the identifier in a Cookie instead of passing it in a URL (which poses a security risk). 
The session cookie is stored on the client (and its value contains the unique session identifier which is sent with every request to map the browser session to the user session on the server

Another answer by Elan Govan:
Cookies are stored in browser as a text file format.It is stored limit amount of data.It is only allowing4kb[4096bytes].It is not holding the multiple variable in cookies.
we can accessing the cookies values in easily.So it is less secure.The setcookie() function must appear BEFORE the tag.
Sessions are stored in server side.It is stored unlimit amount of data.It is holding the multiple variable in sessions. we cannot accessing the cookies values in easily.So it is more secure.

Cookies

Session

Cookies are stored in browser as
text file format.
Sessions are stored in server side.
It is stored limit amount of data.
It is only allowing 4kb[4096bytes]
It is stored unlimit amount of data.
It is not holding the multiple variable
 in cookies.
It is holding the multiple variable
 in sessions.
we can accessing the cookies values easily.
So it is less secure.
 The setcookie() function must
 appear BEFORE the <html> tag
we cannot accessing the sessions
values easily.
So it is more secure.
Destroy Cookies:
 1. if we Closing the browsers at the time
 cookies values destoryed.
 2. setting the cookie time to expire the cookie.
Destroy Sessions :
 1. using unset() session,we will
destroyed the sessions.
 2. using session_destory(), we we will
destroyed the sessions.
Example:
<?php
setcookie(name, value, expire,
path,domain, secure, httponly);
$cookie_uame = "codingslover";
$cookie_uvalue= "website";
//set cookies for 1 hour time
setcookie($cookie_uname,
$cookie_uvalue, 3600, "/");
//expire cookies
setcookie($cookie_uname,"",-3600);
?>
Example:
<?php
session_start();
//session variable
$_SESSION['testvaraible'] = 'Codings';
//destroyed the entire sessions
session_destroy();  
//Destroyed the session
variable "testvaraible".
unset($_SESSION['testvaraible']);
?>

No comments:

Post a Comment