A session is a way to store information (in variables) to be used across multiple pages. When a user visits a website and starts a new session, the server creates a unique session ID and stores it in a cookie on the user’s computer. The server also creates a file on the server to store the session variables for that user.
The session ID in the cookie is used to identify the user’s session on the server. When the user navigates to a different page on the website, the session ID is sent back to the server in a cookie, and the server retrieves the corresponding session variables for that user.
Sessions are useful for storing temporary data that is specific to a single user and a single browser session. For example, you might use a session to store a user’s shopping cart items or login status.
A cookie is a small piece of data that is stored in a user’s web browser. It can be used to store information such as user preferences or login information. When a user visits a website, the server can send a cookie to the user’s browser, which the browser will then store. When the user returns to the website later, the server can access the cookie and use the information stored in it.
Cookies are useful for storing longer-term data that needs to be persisted across multiple sessions. For example, you might use a cookie to store a user’s preferred language or theme so that the user doesn’t have to set their preferences every time they visit the website.
Cookies are stored as files on the user’s computer and can remain there for a specified length of time unless the user chooses to delete them. Cookies are limited in size, typically to 4KB or less.
PHP session: To use sessions in PHP, you first need to start a session using the session_start() function. This function must be called before any output is sent to the browser, so it is usually placed at the top of the PHP script.
Example: The following example shows how to start a session and store a value in a session variable:
PHP
<?php session_start(); $_SESSION [ 'favorite_color' ] = 'blue' ; echo "Session variables are set." ; ?> |
To access a session variable, you can use the $_SESSION superglobal array. For example:
PHP
<?php session_start(); echo "Your favorite color is: " . $_SESSION [ 'favorite_color' ]; ?> |
Output:
The first time you run the script, it will show the following
Session variables are set.
If you refresh the page or navigate to a different page and run the script again, it will show the following
Your favorite color is: blue.
PHP cookies: To use cookies in PHP, you can use the setcookie() function. This function takes three arguments: the name of the cookie, the value of the cookie, and the expiration time of the cookie. The expiration time is optional and is specified in seconds. If you don’t specify an expiration time, the cookie will expire when the user closes their browser.
Example: The following example shows how to set a cookie in PHP:
PHP
<?php // 86400 = 1 day setcookie( 'favorite_color' , 'blue' , time() + (86400 * 30)); echo "Cookie is set." ; ?> |
To access a cookie, you can use the $_COOKIE superglobal array. For example:
PHP
<?php echo "Your favorite color is: " . $_COOKIE [ 'favorite_color' ]; ?> |
Keep in mind that cookies are stored on the user’s computer and can be deleted by the user at any time, so you should always check if a cookie exists before trying to access it. You can do this using the isset() function.
PHP
<?php if (isset( $_COOKIE [ 'favorite_color' ])) { echo "Your favorite color is: " . $_COOKIE [ 'favorite_color' ]; } else { echo "You have not set a favorite color." ; } ?> |
Output:
The first time you run the script, it will show
Cookie is set.
If you refresh the page or navigate to a different page and run the script again, it will show
Your favorite color is: blue.
If you wait for 30 days (the expiration time specified in the setcookie() function and then run the script again, it will show
You have not set a favorite color.
Difference between session and cookies in PHP:
The following is a comparison of sessions and cookies in PHP in a table format:
Sessions |
Cookies |
|
---|---|---|
Scope | Only accessible within the PHP script that created them | Can be accessed by any script on the domain that created them |
Persistence | Stored in memory on the server and deleted when the user closes their browser | Stored as files on the user’s computer and can remain there for a specified length of time unless the user deletes them |
Size | Can store as much data as can be stored in the user’s session storage space (usually several megabytes) | Limited in size, typically to 4KB or less |
Security | More secure because they are stored on the server and not accessible to the user | Less secure because they are stored on the user’s computer and can be accessed or modified by the user |
Use cases | Storing temporary data that is specific to a single user and a single browser session | Storing longer-term data that needs to be persisted across multiple sessions |
Sessions and cookies are both useful for storing data in a user’s web browser, but they have some key differences that make them more suitable for different use cases.