Forums

The forums ran from 2008-2020 and are now closed and viewable here as an archive.

Home Forums Back End What is the difference between a session variable and cookie?

  • This topic is empty.
Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #167273
    mohamedismail
    Participant

    What is the difference between a session variable and cookie?

    #167278
    __
    Participant

    tl;dr:

    • a session lives on the server
    • a cookie lives on the browser
    • both exist to store information for later reference, but are otherwise completely different.

    A “Session” is information, stored on the server, about a series of requests from the same client (user). With HTTP -web browsing- every request your browser makes starts with a “blank slate,” and knows absolutely nothing about previous requests. The server is the same way. Sessions were invented as a way to give web browsing state: context, or, a “memory,” so to speak.

    Session information is simply saved on the server, usually in a text file, sometimes in a database or some other storage. The server has to identify each user request in order to make sure it gets the right session information for it. There are many ways to do this, but the most common (and secure) way nowadays is to use a cookie that holds the session id.

    Cookies are small text files saved on the user’s browser. They are simple name=>value stores. Every cookie belongs to a particular website, and has an expiration and other rules about how the browser is supposed to use it (e.g., you can specify that a your cookie should be sent only over a secure connection). When you visit the same site again, if it has not expired, it is sent along with the request, and the server can use the information it holds.

Viewing 2 posts - 1 through 2 (of 2 total)
  • The forum ‘Back End’ is closed to new topics and replies.