What are the differences and connections between session and cookie?

The difference and connection between

session and cookie

Difference

1. Storage location:

Session is saved on the server, cookie is saved on the client

2. Storage format:

Session is It is saved on the server in the form of an object, and the cookie is saved on the client in the form of a string

3. Purpose:

The session is suitable for customer authentication, and the cookie is suitable for saving the user's personal settings. Hobbies, etc.

4. Path:

Sessions cannot distinguish paths. During the same user's visit to a website, all sessions can be accessed from anywhere; if the parameter path is set in the cookie , then cookies under the same website cannot access each other

5. Security:

Cookies are not very safe. Others can analyze cookies stored locally and conduct cookie deception. Sessions are better than cookies. More secure

6. Size and quantity limit:

The limit of a single cookie on the client is 3K, which means that a site cannot store 3K COOKIES on the client. The maximum number of cookies contained in different browsers is different, generally 30 to 50; it is generally believed that there is no size limit for sessions

Contact:

The session needs the help of cookies to function properly Works. If the client completely disables cookies, the session will be invalid because the session is a server-side storage space maintained by the application server. When the user connects to the server, a unique sessionid will be generated by the server, and the sessionid will be used as an identifier to access the service. End session space. The sessionid is stored in the cookie. When the user submits the page, the sessionid will be submitted to the server to access the session data. This process does not require developer intervention, so once the client disables cookies, the session will also become invalid;

In addition:

session will be saved on the server within a certain period of time. When access increases, it will take up more of your server's performance. If you mainly consider reducing server performance, you should use COOKIE

sessionid is randomly assigned when the server and client connect

The above is the detailed content of What are the differences and connections between session and cookie?. For more information, please follow other related articles on the PHP Chinese website!