Question about cookies and sessions in php?

O

Optimus2015-11-10 19:29:55

PHP

Optimus, 2015-11-10 19:29:55

The session exists until the browser is closed. Everything is clear here, the question about the session is only this:
1. The session hash can be saved in the database

UPDATE `user` SET `session`=$session_hash WHERE `login`=$login

but why? The user closes the browser, what is the meaning of the remaining session in the database? Site on 1 server, i.e. it is not necessary to carry session between servers.
Further, when authorizing, we make a cookie, but there are questions about it:
var_dump($_COOKIE); shows:

array(2) {
  ["PHPSESSID"]=>
  string(26) "ma7emp7j7vp6o85oqlclefi315"
  ["namecookie"]=>
  string(5) "login"
}

Why is PHPSESSID stored in the $_COOKIE variable and not in $_SESSION for example?
Well, in general, what to store in a cookie if I don’t have any individual site settings such as color, start section, and do they even make sense? Maybe refuse them, the security of users will increase ...

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

S

Sergey, 2015-11-10
Pyan @marrk2

How are cookies different from a session in PHP?
in addition:
- sessions can simply be stored in the database and then session handling is your concern. This is convenient when we have several servers and the balancer spreads us to different servers, then we have a single session center, for example. For the same purposes, you can use memcache or redis.
- sessions do not necessarily die after closing the browser