The answer that I have come to understand is that sessions are more secure than cookies in as that the information is stored on the server side instead of the client side. This way it is harder to steal, alter or intercept. The other reason is that users can even reject cookies, thus disallowing content monitoring or dynamic changes.
Cookies can only pass sorts of data through to the user, as well, so there is no chance of a virus being passed. There may be a remote chance that someone figures out how to do it, but they still could not execute anything from the users drive anyhow, so the possibility of actually transmitting is pretty minute. There is a strict set of rules as to what is sent inside a cookie, and, while I am still learning, I dont think files are included in that. =) ---------------------------------------------------------------------------- ---- --Chris "The paranoids are watching you" "Ryan F. Bayhonan" <[EMAIL PROTECTED]> wrote in message 001e01c1b471$85707b50$1b3d1cac@mercury">news:001e01c1b471$85707b50$1b3d1cac@mercury... We had a discussion this morning in our office on the differences between cookie and session. I just would like to ask the body if your could enlighten me more on this. And another thing, can cookie be a carrier of some virus across the internet? Thanks, Ryan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php