Home Backend Development PHP Problem What is the difference between cookie and session in php

What is the difference between cookie and session in php

Dec 02, 2021 pm 06:10 PM
cookie php session

Difference: 1. Cookies are stored in the browser, which is relatively unsafe; while sessions are stored in the server, which are relatively safer. 2. The data stored by cookies has quantity and size restrictions, but sessions do not. 3. The data saved by cookie is of string type, and the data saved by session is of object type.

What is the difference between cookie and session in php

The operating environment of this tutorial: windows7 system, PHP7.1 version, DELL G3 computer

Whether you are a system operation and maintenance or PHP developer In interviews, I am often asked what is the difference between Session and Cookie in PHP? Let's summarize it below:

Cookies are only generated, managed and used by the client. PHP only issues instructions asking the client how to generate cookies, when to expire, etc., but the client may not necessarily follow PHP's instructions. work.

Cookies are not very safe. Criminals can perform cookie spoofing by analyzing local cookies. Considering security issues, it is recommended to store important user information in the Session, and other unimportant information that needs to be retained can be stored in Cookies.

Session is the session from when the user enters a website to closing the browser. It is stored in the server disk in the form of a file by default. Therefore, setting too many Sessions will affect the performance of the disk. You can also use the Memory engine to save it. Enter MySQL. Because the memory engine reads and writes quickly, you can now specify to use Redis to process Session, which is faster and more efficient.

The revocation mechanism of Session is passive. Generally speaking, once the browser is closed, the Session will be automatically recycled by PHP. However, sometimes even if the expiration time is set and the browser is closed, the Session may not be deleted, such as When setting up multiple directories and multiple levels to save the Session, you need to manually delete the Session through a PHP script.

Usually Cookies are bound to Sessions, that is, when users do not disable Cookies, Cookies will generally save the Session ID and Session lifetime. If the user deletes Cookies, they will generally exit the system; if Cookies are not disabled, the browser will be closed. The session will also become invalid immediately, and you need to log in to the system again.

Cookie and Session are generally used to identify users, authenticate permissions, store simple data, and use cookies to achieve single sign-on.

The data stored by cookies will have different restrictions in different browsers. Generally, under the same domain name, the number of cookie variables is controlled within 20, and the value size of each cookie is controlled within 4kb. There is no limit on the size or number of Session values, but if there are too many, it will increase the pressure on the server. In addition, the content saved by Cookie is a string, while the data saved by Session is an object.

Session cannot distinguish paths. During the same user's visit to a website, all Sessions can be accessed anywhere; and if the path parameter is set in the cookie, then all Sessions under different paths in the same website can be accessed anywhere. Cookies are not accessible to each other.

The difference between COOKIE and SESSION

(1) Storage location: Cookie is stored in the client browser, which is relatively unsafe; the file containing the Session content is stored in the server , generally in the tmp folder in the root directory, which is relatively safer.

(2) Quantity and size limit: The data stored by Cookie will have different restrictions in different browsers. Generally, under the same domain name, the number of Cookie variables is controlled within 20, and the value of each cookie is The size is controlled within 4kb. There is no limit on the size or number of session values, but if there are too many, it will increase the pressure on the server.

(3) Content difference: The content saved by the cookie is a string, while the data saved by the session in the server is an object.

(4) Path difference: Sessions cannot distinguish paths. During the same user's visit to a website, all sessions can be accessed anywhere; and if the path parameter is set in the cookie, then the same Cookies in different paths on the website are not accessible to each other.

Recommended learning: "PHP Video Tutorial"

The above is the detailed content of What is the difference between cookie and session in php. For more information, please follow other related articles on the PHP Chinese website!

Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

Video Face Swap

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Tools

Notepad++7.3.1

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Hot Topics

Java Tutorial
1664
14
PHP Tutorial
1267
29
C# Tutorial
1239
24
Explain JSON Web Tokens (JWT) and their use case in PHP APIs. Explain JSON Web Tokens (JWT) and their use case in PHP APIs. Apr 05, 2025 am 12:04 AM

JWT is an open standard based on JSON, used to securely transmit information between parties, mainly for identity authentication and information exchange. 1. JWT consists of three parts: Header, Payload and Signature. 2. The working principle of JWT includes three steps: generating JWT, verifying JWT and parsing Payload. 3. When using JWT for authentication in PHP, JWT can be generated and verified, and user role and permission information can be included in advanced usage. 4. Common errors include signature verification failure, token expiration, and payload oversized. Debugging skills include using debugging tools and logging. 5. Performance optimization and best practices include using appropriate signature algorithms, setting validity periods reasonably,

Explain late static binding in PHP (static::). Explain late static binding in PHP (static::). Apr 03, 2025 am 12:04 AM

Static binding (static::) implements late static binding (LSB) in PHP, allowing calling classes to be referenced in static contexts rather than defining classes. 1) The parsing process is performed at runtime, 2) Look up the call class in the inheritance relationship, 3) It may bring performance overhead.

PHP Program to Count Vowels in a String PHP Program to Count Vowels in a String Feb 07, 2025 pm 12:12 PM

A string is a sequence of characters, including letters, numbers, and symbols. This tutorial will learn how to calculate the number of vowels in a given string in PHP using different methods. The vowels in English are a, e, i, o, u, and they can be uppercase or lowercase. What is a vowel? Vowels are alphabetic characters that represent a specific pronunciation. There are five vowels in English, including uppercase and lowercase: a, e, i, o, u Example 1 Input: String = "Tutorialspoint" Output: 6 explain The vowels in the string "Tutorialspoint" are u, o, i, a, o, i. There are 6 yuan in total

What are PHP magic methods (__construct, __destruct, __call, __get, __set, etc.) and provide use cases? What are PHP magic methods (__construct, __destruct, __call, __get, __set, etc.) and provide use cases? Apr 03, 2025 am 12:03 AM

What are the magic methods of PHP? PHP's magic methods include: 1.\_\_construct, used to initialize objects; 2.\_\_destruct, used to clean up resources; 3.\_\_call, handle non-existent method calls; 4.\_\_get, implement dynamic attribute access; 5.\_\_set, implement dynamic attribute settings. These methods are automatically called in certain situations, improving code flexibility and efficiency.

PHP and Python: Comparing Two Popular Programming Languages PHP and Python: Comparing Two Popular Programming Languages Apr 14, 2025 am 12:13 AM

PHP and Python each have their own advantages, and choose according to project requirements. 1.PHP is suitable for web development, especially for rapid development and maintenance of websites. 2. Python is suitable for data science, machine learning and artificial intelligence, with concise syntax and suitable for beginners.

PHP in Action: Real-World Examples and Applications PHP in Action: Real-World Examples and Applications Apr 14, 2025 am 12:19 AM

PHP is widely used in e-commerce, content management systems and API development. 1) E-commerce: used for shopping cart function and payment processing. 2) Content management system: used for dynamic content generation and user management. 3) API development: used for RESTful API development and API security. Through performance optimization and best practices, the efficiency and maintainability of PHP applications are improved.

PHP: A Key Language for Web Development PHP: A Key Language for Web Development Apr 13, 2025 am 12:08 AM

PHP is a scripting language widely used on the server side, especially suitable for web development. 1.PHP can embed HTML, process HTTP requests and responses, and supports a variety of databases. 2.PHP is used to generate dynamic web content, process form data, access databases, etc., with strong community support and open source resources. 3. PHP is an interpreted language, and the execution process includes lexical analysis, grammatical analysis, compilation and execution. 4.PHP can be combined with MySQL for advanced applications such as user registration systems. 5. When debugging PHP, you can use functions such as error_reporting() and var_dump(). 6. Optimize PHP code to use caching mechanisms, optimize database queries and use built-in functions. 7

Explain the match expression (PHP 8 ) and how it differs from switch. Explain the match expression (PHP 8 ) and how it differs from switch. Apr 06, 2025 am 12:03 AM

In PHP8, match expressions are a new control structure that returns different results based on the value of the expression. 1) It is similar to a switch statement, but returns a value instead of an execution statement block. 2) The match expression is strictly compared (===), which improves security. 3) It avoids possible break omissions in switch statements and enhances the simplicity and readability of the code.

See all articles