Forums

PHP

This topic is locked

sessions vs cookies

Posted 27 Jun 2003 04:49:59
1
has voted
27 Jun 2003 04:49:59 Juan Cordoba posted:
I'm doing a school project, it's an online record store where a user can register and buy music something like cdnow... What should I use cookies or sessions?

Replies

Replied 30 Jun 2003 11:14:33
30 Jun 2003 11:14:33 Julio Taylor replied:
normally i would suggest Session Vars, because if you use cookies you are relying on the user having cookies enabled...

------------------------
Julio

PHP | MySQL | DWMX

ICQ: 19735247
MSN:
Replied 30 Jun 2003 15:47:17
30 Jun 2003 15:47:17 Owen Eastwick replied:
Here's an article with some information about using session objects that you may find helpful: msdn.microsoft.com/library/default.asp?url=/library/en-us/dnasp/html/asptips.asp

Regards

Owen.

-------------------------------------------------------------------------------------------
Used programming books and web development software for sale (UK only): www.tdsf.co.uk/tdsfdemo/Shop.htm

Developer services and tutorials: www.drdev.net

Multiple Parameter UD4 / Access 2000 Search Tutorial: www.tdsf.co.uk/tdsfdemo/
Replied 01 Mar 2006 21:43:05
01 Mar 2006 21:43:05 jesse krets replied:
<BLOCKQUOTE id=quote><font size=1 face="Verdana, Arial, Helvetica" id=quote>quote:<hr height=1 noshade id=quote>
normally i would suggest Session Vars, because if you use cookies you are relying on the user having cookies enabled...
<hr height=1 noshade id=quote></BLOCKQUOTE id=quote></font id=quote><font face="Verdana, Arial, Helvetica" size=2 id=quote>

I know this topic is dead, but it is a google first page for my search. It should be noted that Session variables exist to maintain php some data between script. It's great power is in storing arrays in a transparent manner. Session variables should not grant the session user any privelages, as it is stated from PHP that it is possible to spoof a session and assume the session variables of a previously initialized session. In this case having a user specific cookie to match the session will increase your security.
If the user specific information is non-critical session variables are more convenient for the user.

Reply to this topic