Session =uses server memory and doesn'teave anything on the client side PC
Cookie=Leaves a little tiny file on the client pc, usually they have time limits or just delete themselves once the session is over.
So the big difference is that a session puts the workload onto the server wherhe cookie hands it out to the clients. If you have 5,000 visitors hit your site at one time and you've only got a 10MB pipe out then your server's going to crash on a session setup, but with cookies it's much sier on your server.
Either one can be set to expire after a minute, at the end of the session, never, they can both be s for authentication, they both can hold data from an array and so on and so on
So, if you create a login page you can have the form drop a cookie on th e client PC that holds their username and password. For the rest of to that site any secured page they visit can look for ("login_finfo" or whatever you name the cookie, if it exists then they won't get hit up for the login info again. You can make a "Logout" button that signs them out and deletes the cooko the next person ato sit at that PC ancan't just go right into the persons profile. To further the security you can set inactivity sign out timers, you can give it a 2 hour life span or find some means of making sure your users login is secured.
Thanks a lot!
I'm new to PHP and I don't really get the concept of sessions and cookies, but they seem to be a very important part of PHP.
What exactly is session and cookies and and how should it be used and why? And what is the difference between the two?