Shulou(Shulou.com)06/02 Report--

This article will explain in detail what are the differences between cookie and session in php. The editor thinks it is very practical, so I share it with you for reference. I hope you can get something after reading this article.

Differences: 1. Cookie is stored in the browser, which is relatively insecure, while session is stored in the server, which is relatively more secure. 2. There are limits on the amount and size of data stored in Cookie, but not in session. 3. The data saved by cookie is string type, while the data saved by session is object type.

Operating environment of this tutorial: windows7 system, PHP7.1 version, DELL G3 computer

Whether in the interviews of system operators or PHP developers, they are often asked about the difference between Session and Cookie in PHP. Let's sum it up:

Cookie is only generated, managed and used by the client. PHP only sends instructions to the client how to generate Cookie, when it expires, etc., but the client does not necessarily follow the instructions of PHP.

Cookie is not very safe, lawbreakers can cheat on Cookie by analyzing local Cookie. For security reasons, it is recommended that users' important information be stored in Session, and other unimportant information that needs to be retained can be stored in Cookie.

Session is the session between entering a website and closing the browser. By default, it is stored in the server disk as a file, so setting too much Session will affect the performance of the disk. You can also use the Memory engine to store MySQL, because the memory engine reads and writes fast, and now you can specify to use Redis to deal with Session, which is faster and more efficient.

The recovery mechanism of Session is passive. Generally speaking, once you close the browser, Session will be automatically recycled by PHP, but sometimes even if you set the expiration time and close the browser, the Session may not be deleted. For example, when you set a multi-directory and multi-level Session, you need to manually delete the Session through the PHP script.

Cookie is usually bound to Session, that is, when a user does not disable Cookie, Cookie generally saves the Session ID and Session life cycle, and if the user deletes Cookie, he or she generally exits the system; if Cookie is not disabled, the browser Session will expire immediately, and you need to log in to the system again.

Cookie and Session should generally identify users, authenticate permissions, store simple data, and use Cookie to achieve single sign-on.

The data stored by Cookie has different restrictions in different browsers. Generally, under the same domain name, the number of Cookie variables is limited to 20, and the value of each Cookie is controlled within 4kb. There is no limit to the size and number of Session values, but if there are too many, it will increase the pressure on the server. In addition, the content saved by Cookie is a string, while the data saved by Session is an object.

Session cannot distinguish between paths, and when the same user visits a website, all Session can be accessed anywhere; but if the path parameter is set in Cookie, then Cookie under different paths in the same website cannot access each other.

The difference between COOKIE and SESSION

(1) Storage location: Cookie is stored in the client browser, which is relatively insecure; the file where the Session content is stored is stored in the server, usually in the tmp folder under the root directory, which is relatively more secure.

(2) quantity and size restrictions: the data stored by Cookie may have different restrictions in different browsers. Generally, under the same domain name, the number of Cookie variables is limited to 20, and the size of each cookie value is limited to 4kb. There is no limit to the size and number of session values, but if there are too many, it will increase the pressure on the server.

(3) content difference: the content saved by cookie is a string, while the data saved by session in the server is an object.

(4) path difference: session cannot distinguish between paths. When the same user visits a website, all session can be accessed anywhere; however, if the path parameter is set in cookie, then cookie under different paths in the same website cannot access each other.

This is the end of the article on "what are the differences between cookie and session in php". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, please share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.