I don't think PHP stores Session information in Cookies. However It dose
store the sessionId (a unique alphanumeric string) in cookies.
This SessionId is used to identify the requests sent from one user.
The Session information is by default stored in the /tmp directory on your
system in a flat file.

Chetan Dattaram Rane | Software Engineer | Persistent Systems
chetan_r...@persistent.co.in  | Cell: +91 94033 66714 | Tel: +91 (0832) 30
Innovation in software product design, development and delivery-

-----Original Message-----
From: Paul M Foster [mailto:pa...@quillandmouse.com] 
Sent: Tuesday, March 10, 2009 7:57 AM
To: php-general@lists.php.net
Subject: [PHP] Cookies/Sessions and how they work

This is in two parts. First cookies. I'm a little unclear on how they
work. From what I've read, cookies are stored by the browser. When a
request for that cookie comes in from the server, the browser returns
only the value, and no other data. One question: When the browser
requests a page from a server, does it automatically search its cookies
for that domain and send them along with the other requests? If that's
now how it works, then how does it work?

Second part is about sessions. According to the notes for the cookies
page at php.net, it's considered bad practice to store user IDs and
passwords in cookies. It's considered better practice to use PHP's
native session-handling code to do this. But if a user has cookies
turned on in the browser, then PHP will store the session information
(possibly user ID and password) as a cookie. So what's the difference?

The reference for the above is:


Paul M. Foster

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to