Cookies and Sessions

Cookie:

    A cookie is a small file that the server embeds on the user's computer. Each time the same computer requests a page with a browser, it will send the cookie too. With PHP, you can both create and retrieve cookie values.

        OR

    Cookies are text files with small pieces of data — like a username and password — that are used to identify your computer as you use a computer network. Specific cookies known as HTTP cookies are used to identify specific users and improve your web browsing experience.

There are three steps involved in identifying returning users −

• Server script sends a set of cookies to the browser. For example name, age, or identification number etc.

• Browser stores this information on local machine for future use.

• When  next  time  browser  sends  any  request  to  web  server  then  it  sends  those  cookies information to the server and server uses that information to identify the user.
  

Purpose of Cookies:

    1. The main purpose of a cookie is to identify users and possibly prepare customized Web pages or to save information.
    2. Cookies are very important when it comes to browsing the internet and play a great role in making browsing more convenient for you.
    3. Every time you visit a website, it sends a small piece of information to your computer to keep track of your movement on the site, your visits, and activities there. These cookies are then stored in your web browser and are later accessed when you’ll visit the website again.
    4. They make browsing from one page to another on the Site much smoother.
    5. They save the user name and the indicated preferences.
    6. They prevent the need for users to enter their personal data (such as user name and password) several times while on the Site.

Create Cookies With PHP:

    A cookie is created with the setcookie() function.

Syntax:

setcookie(name, value, expire, path, domain, secure, httponly);

where,

• Name:  This sets the name of the cookie and is stored in an environment variable called HTTP_COOKIE_VARS. This variable is used while accessing cookies.

• Value:This sets the value of the named variable and is the content that you actually want to store.

• Expiry:This specify a future time in seconds since 00:00:00 GMT on 1st Jan 1970. After this  time  cookie  will  become  inaccessible.  If  this  parameter  is  not  set  then  cookie  will automatically expire when the Web Browser is closed.

• Path:This specifies the directories for which the cookie is valid. A single forward slash character permits the cookie to be valid for all directories.

• Domain:This  can  be  used  to  specify  the  domain  name  in  very  large  domains  and  must contain at least two periods to be valid. All cookies are only valid for the host and domain which created them.

• Security:This  can  be  set  to  1  to  specify  that  the  cookie  should  only  be  sent  by  secure transmission using HTTPS otherwise set to 0 which mean cookie can be sent by regular HTTP.

( Only the name parameter is required. All other parameters are optional. )

Creating Cookies:

    Following example will create two cookies name and age these cookies will be expired after one hour.

<?php
    setcookie("name", "John Watkin", time()+3600, "/","", 0);
    setcookie("age", "36", time()+3600, "/", "",  0);
?>
<html>
<head>
    <title>Setting Cookies with PHP</title>
</head>
<body>
    <?php echo "Set Cookies" ?>
</body>
</html>

Deleting Cookie with PHP:

    To delete a cookie, use the setcookie() function with an expiration date in the past:

<?php
    setcookie( "name", "", time()-60, "/","", 0);
    setcookie( "age", "", time()-60, "/","", 0);
?>
<html>
<head>
    <title>Deleting Cookies with PHP</title>
</head>
<body>
    <?php echo "Deleted Cookies" ?>
</body>
</html>

Sessions:

    A session is used to store information (in variables) and pass information from one page to another page temporarily.Unlike a cookie, the information is not stored on the user’s computer.

    PHP session creates unique user id for each browser to recognize the user and avoid conflict between multiple browsers.


What is a PHP Session?
    When you work with an application, you open it, do some changes, and then you close it. This is much like a Session. The computer knows who you are. It knows when you start the application and when you end. But on the internet there is one problem: the web server does not know who you are or what you do, because the HTTP address doesn't maintain state.
Session variables solve this problem by storing user information to be used across multiple pages (e.g. username, favorite color, etc). By default, session variables last until the user closes the browser.
So; Session variables hold information about one single user, and are available to all pages in one application.

Start a PHP Session:

    A session is started with the session_start() function.
    Session variables are set with the PHP global variable: $_SESSION.

    Now, let's create a new page called "demo_session1.php". In this page, we start a new PHP session and set some session variables:

 <?php
// Start the session
session_start();
?>
<!DOCTYPE html>
<html>
<body>
<?php
// Set session variables
$_SESSION["favcolor"] = "green";
$_SESSION["favanimal"] = "cat";
echo "Session variables are set.";
?>
</body>
</html>

Destroy a PHP Session:

    To remove all global session variables and destroy the session, use session_unset() and session_destroy():

<?php
session_start();
?>
<!DOCTYPE html>
<html>
<body>
<?php
// remove all session variables
session_unset();

// destroy the session
session_destroy();
?>
</body>
</html> 

 

Differences between Cookies and Sessions:

Cookies	Sessions
• Cookies are client-side files that contains user information.	• Sessions are server-side files that contains user information.
• Cookies are stored in the user’s browser.	• Sessions are not.
• A cookie can keep information the user’s browser until deleted.	• Session is that when you close your browser you also lose the session.
• If you set variable to “cookies” then your user will not have to log in each time they enter your community.	• If you set the variable to “session” then user activity will be tracked using browser sessions and your user will have to log in each time they re-open their browser.
• Cookies can only store strings.	• It store our objects in sessions.
• Save cookie for future reference.	• Session couldn’t . Users close their browser, they also lost the session.

Share this post