Sessions are a combination of a server-side session data and a client-side cookie, with the client-side cookie containing nothing other than a reference to the correct data on the server. Thus, when the user visits the site, their browser sends the reference code to the server, which loads the corresponding data.
This may seem a bit clumsier than just having a client-side cookie with all your data in, but there are a few advantages:
- Your server-side session data can contain
very large amounts of data with no
hassle - client-side cookies are
limited in size
- Your client-side cookie contains
nothing other than a small reference
code - as this cookie is passed each
time someone visits a page on your
site, you are saving a lot of
bandwidth by not transferring large
client-side cookies around
- Session data is much more secure -
only you are able to manipulate it,
as opposed to client-side cookies
which are editable by all
It is also important to note that sessions only last till the user closes their browser, whereas cookies can be configured to last longer. However, other than the above, there is not much difference between session data and cookie data for most purposes.
The following is a very good article which explains how sessions and cookies work within PHP.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
