Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    Regular Coder
    Join Date
    Nov 2009
    Location
    Florida United States
    Posts
    105
    Thanks
    6
    Thanked 2 Times in 2 Posts

    php cookie login system vs session

    is doing a cookie login system better or worse than a session login system. I don't know how to do a session, so the question is should I learn to do it or just stick with a cookie based login?

  • #2
    Senior Coder Dormilich's Avatar
    Join Date
    Jan 2010
    Location
    Behind the Wall
    Posts
    3,246
    Thanks
    12
    Thanked 340 Times in 336 Posts
    you should. a session can hold more data than a cookie (though no as long as a cookie can, the time limit is normally in the range of hours, as otherwise the disk space for the data would run out) and (most of the time) a session is identified through cookies.

    the most advantage of sessions though is the security of the data. the session’s data is not accessible outside the server (thus you can save sensitive information over time).
    The computer is always right. The computer is always right. The computer is always right. Take it from someone who has programmed for over ten years: not once has the computational mechanism of the machine malfunctioned.
    André Behrens, NY Times Software Developer

  • #3
    Regular Coder
    Join Date
    Dec 2007
    Posts
    137
    Thanks
    1
    Thanked 21 Times in 21 Posts
    If you can use cookies in PHP, then you can do sessions. It's fairly similar.

    On the topic of session security, and to make your code more secure, this is a good read to prevent session hacking -- session fixation and session hijacking.

    PHP Security Guide: Sessions
    http://phpsec.org/projects/guide/4.html

    And if on a shared host, be careful about exposing your session data
    http://phpsec.org/projects/guide/5.html


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •