Hello and welcome to our community! Is this your first visit?
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    Regular Coder
    Join Date
    Nov 2009
    Florida United States
    Thanked 2 Times in 2 Posts

    php cookie login system vs session

    is doing a cookie login system better or worse than a session login system. I don't know how to do a session, so the question is should I learn to do it or just stick with a cookie based login?

  • #2
    Senior Coder Dormilich's Avatar
    Join Date
    Jan 2010
    Behind the Wall
    Thanked 372 Times in 368 Posts
    you should. a session can hold more data than a cookie (though no as long as a cookie can, the time limit is normally in the range of hours, as otherwise the disk space for the data would run out) and (most of the time) a session is identified through cookies.

    the most advantage of sessions though is the security of the data. the session’s data is not accessible outside the server (thus you can save sensitive information over time).
    The computer is always right. The computer is always right. The computer is always right. Take it from someone who has programmed for over ten years: not once has the computational mechanism of the machine malfunctioned.
    André Behrens, NY Times Software Developer

  • #3
    Regular Coder
    Join Date
    Dec 2007
    Thanked 21 Times in 21 Posts
    If you can use cookies in PHP, then you can do sessions. It's fairly similar.

    On the topic of session security, and to make your code more secure, this is a good read to prevent session hacking -- session fixation and session hijacking.

    PHP Security Guide: Sessions

    And if on a shared host, be careful about exposing your session data


    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts