sessions and cookies theory

Not for 'how-to' coding questions but PHP theory instead, this forum is here for those of us who wish to learn about design aspects of programming with PHP.

Moderator: General Moderators

Post Reply
rg34
Forum Newbie
Posts: 4
Joined: Sun May 01, 2005 1:44 pm

sessions and cookies theory

Post by rg34 »

ok, i think i've gotten the hang of oo php and understand much of the format of mytopix (after a few weeks of review)

i am stuck on one issue, though. is it better to use all sessions? or use a combination of sessions with cookies? if i have an affiliate script, i can very easily use a cookie to track something. is it better to use sessions with this? since sessions don't store information on a person's computer, they expire upon exit... are sessions the best way to go? or will there have to be at least one type of cookie set on the user's computer?

thank you.
User avatar
Ambush Commander
DevNet Master
Posts: 3698
Joined: Mon Oct 25, 2004 9:29 pm
Location: New Jersey, US

Post by Ambush Commander »

Well, Sessions, first of all, aren't really part of 'oo'.
is it better to use all sessions?
No "Remember me" option for you then. Sessions expire very quickly and don't offer persistent data, but that's often enough for most authentication things.
or use a combination of sessions with cookies?
Probably. Keep cookies down to a minimum though: you may only need them for cross-session browsing.
if i have an affiliate script, i can very easily use a cookie to track something.
If you're tracking users, yeah, use cookies. Totally man.
is it better to use sessions with this? since sessions don't store information on a person's computer, they expire upon exit... are sessions the best way to go? or will there have to be at least one type of cookie set on the user's computer?
If you want to track users, you're going to have to use Cookies.

Summary Sessions just don't last long enough to do "User Tracking". However, if you're building an authentication system, Sessions should be enough. A Remember Me type function would require cookies in authentication (but it does water down security).
Post Reply