Comments on: PHP: Sessions vs Cookies http://www.klovera.com/php-sessions-vs-cookies/ Just another WordPress weblog Tue, 07 Sep 2010 21:09:38 +0000 hourly 1 By: Rbrilliant http://www.klovera.com/php-sessions-vs-cookies/comment-page-1/#comment-1167 Rbrilliant Wed, 04 Aug 2010 15:28:57 +0000 http://www.dustinsdesign.com/php-sessions-vs-cookies/#comment-1167 Nice concise article! Nice concise article!

]]> By: arun http://www.klovera.com/php-sessions-vs-cookies/comment-page-1/#comment-569 arun Tue, 06 Apr 2010 12:00:40 +0000 http://www.dustinsdesign.com/php-sessions-vs-cookies/#comment-569 very helpful .... but I have a question for you though ... can we use sessions and still support the "keep me logged in" feature? or do we have to use cookies for that? thanks. very helpful ….

but I have a question for you though … can we use sessions and still support the “keep me logged in” feature? or do we have to use cookies for that?

thanks.

]]> By: Abe http://www.klovera.com/php-sessions-vs-cookies/comment-page-1/#comment-14 Abe Fri, 15 Jan 2010 02:09:44 +0000 http://www.dustinsdesign.com/php-sessions-vs-cookies/#comment-14 @alapati Sessions and cookie are stored in a very similar way. The main difference is the simple fact users can't edit their own sessions as they are server based. As a rule, this makes them more secure when dealing with sensetive information. A great comparative article, thanks! @alapati

Sessions and cookie are stored in a very similar way.
The main difference is the simple fact users can’t edit their own sessions as they are server based.

As a rule, this makes them more secure when dealing with sensetive information.

A great comparative article, thanks!

]]> By: padmaja http://www.klovera.com/php-sessions-vs-cookies/comment-page-1/#comment-13 padmaja Thu, 05 Nov 2009 10:33:19 +0000 http://www.dustinsdesign.com/php-sessions-vs-cookies/#comment-13 cookies means to pass the information one page to another page in one application. session means what changes made in an application browser cookies means to pass the information one page to another page in one application.
session means what changes made in an application browser

]]> By: alapati http://www.klovera.com/php-sessions-vs-cookies/comment-page-1/#comment-12 alapati Thu, 05 Nov 2009 10:24:58 +0000 http://www.dustinsdesign.com/php-sessions-vs-cookies/#comment-12 from this i understand that cookies and sessions their are slight difference .sometimes sessions r stored like a cookie from this i understand that cookies and sessions their are slight difference .sometimes sessions r stored like a cookie

]]> By: Rakshith http://www.klovera.com/php-sessions-vs-cookies/comment-page-1/#comment-11 Rakshith Tue, 03 Mar 2009 12:54:37 +0000 http://www.dustinsdesign.com/php-sessions-vs-cookies/#comment-11 Nicely explained Nicely explained

]]> By: Gabe http://www.klovera.com/php-sessions-vs-cookies/comment-page-1/#comment-10 Gabe Mon, 30 Jun 2008 08:43:16 +0000 http://www.dustinsdesign.com/php-sessions-vs-cookies/#comment-10 Nice write up on that :) Nice write up on that :)

]]> By: Dustin http://www.klovera.com/php-sessions-vs-cookies/comment-page-1/#comment-9 Dustin Fri, 25 Jan 2008 20:27:48 +0000 http://www.dustinsdesign.com/php-sessions-vs-cookies/#comment-9 Nile, you are absolutely correct, using GET is easily hacked. There are other more complex options you could use. For example, you could store certain information about each client in a temporary location on the server (like their IP and login) and then check against that for each subsequent page. However, this would also be prone to security and performance issues. As with all security, on and off the web, the best method is to have multiple lines of defense. In any event, with the standard being that cookies typically <em>are</em> enabled you can simply deny access to visitors who don't accept cookies with a polite message like "To view this site you must first enable cookies in your browser". Then give some instruction on enabling them. That being said, always code to accommodate your target market and the technology they are actually using. Nile, you are absolutely correct, using GET is easily hacked. There are other more complex options you could use. For example, you could store certain information about each client in a temporary location on the server (like their IP and login) and then check against that for each subsequent page. However, this would also be prone to security and performance issues. As with all security, on and off the web, the best method is to have multiple lines of defense.

In any event, with the standard being that cookies typically are enabled you can simply deny access to visitors who don’t accept cookies with a polite message like “To view this site you must first enable cookies in your browser”. Then give some instruction on enabling them. That being said, always code to accommodate your target market and the technology they are actually using.

]]> By: Nile http://www.klovera.com/php-sessions-vs-cookies/comment-page-1/#comment-8 Nile Fri, 25 Jan 2008 19:56:08 +0000 http://www.dustinsdesign.com/php-sessions-vs-cookies/#comment-8 Well is there a more secure method then using get? get is a pretty un-secure function and easy to hack. Well is there a more secure method then using get?
get is a pretty un-secure function and easy to hack.

]]>