Hudzilla.org - the homepage of Paul Hudson

10 Cookies and Sessions

This is NOT the latest copy of this book; click here for the latest version.

HTTP is stateless - that is, any data you have stored is forgotten about when the page has been sent to the client and the connection is closed - so it took a little work to find a way of keeping information from one page to the next. Eventually, Netscape put a solution into their browser known as "cookies" - tiny bits of information that a web site could store on the client's machine and that were sent back to the web site each time a new page was requested. Each cookie could only be read by the web site that had written it, meaning that it was a secure way to store information across pages.

Cookies earned a bad name at first because they allowed people to track how often a visitor came to their site, what they did on the site, and so on, and many people believed that cookies signalled the end of privacy on the web. Urban myths popped up in many places saying that cookies could read any information from your hard drive, and people were encouraged to disable cookies across the board. The reality is, of course, that cookies are relatively harmless, and are now commonly accepted.

Sessions grew up from cookies as a way of storing data on the server side, because the inherent problem of storing anything sensitive on clients' machines is that they are able to tamper with it if they wish. In order to set up a unique identifier on the client, sessions still use a small cookie - this cookie simply holds a value that uniquely identifies the client to the server, and corresponds to a data file on the server.

Topics covered in this chapter are:

  • How cookies and sessions compare

  • Which to use and when

  • How to use sessions

  • Using a database to store your sessions

  • Storing complex objects


Chapter contents

10.1. Cookies vs. Sessions
10.1.1. Cookies
10.1.2. Sessions
10.1.3. Choosing the appropriate option
10.2. Using cookies: setcookie()
10.3. Using sessions
10.3.1. Starting a session: session_start()
10.3.2. Adding session data
10.3.3. Reading session data
10.3.4. Removing session data
10.3.5. Ending a session: session_destroy()
10.3.6. Checking session data
10.3.7. Files vs. Databases: session_set_save_handler()
10.4. Storing complex data types
10.5. Summary
10.6. Exercises
10.7. Further reading
10.8. Next chapter




Comments from other readers
A PHP User - 24 Jul 2008

Please don't delete this

Another PHP User - 24 Jul 2008

Yes, delete it!

A PHP User - 24 Jul 2008

testing, please delete this comment when you find it.



