Answer the question
In order to leave comments, you need to log in
J
J
JackShcherbakov2018-02-07 08:09:54
JackShcherbakov, 2018-02-07 08:09:54
Should everything be stored in SESSION, or is it better to store something in COOKIE?
[Moderator, there is no clear answer on the Internet. And the answer "what you want, then store" does not quite suit me. Thank you for understanding]
Hello! This question has been tormenting me for several days, but there is no clear answer on the Internet. I understand how cookies and sessions work. Thanks to the key, usually called PHPSESSID, the server can identify the user and create / get the corresponding session, which stores some data .
So, cookies are on the client, sessions are on the server.
But where to store what? It is clear that it is better to store any secret data in the session, but what exactly should be stored in cookies? The moderator, before deleting my question, wrote something like: "what you want, then keep it." It's still not clear! Why write something to cookies when you can not load the client with all sorts of cookies, but leave him only PHPSESSID to get by with just a session? After all, the setcookie() function was created for something. Where it is necessary to use cookies, except for any tokens and other information due to which access to the session is provided. Where is a cookie indispensable?
4 answer(s)
@Sanasol
there are so many more functions created for something! But you don’t run to use them because they exist?)
Only if you need a functional one.
and what do you store there right so massively? For authorization, it is enough to keep the user ID there, this is where the session function ends.
in sessions))))
So store what you want, as they said, basically all information in one way or another related to what is happening on the front goes into cookies. But at the same time, which nafig did not fall on the backend.
Anything from remembering which slide the slider stopped on to remembering what the user chose when sorting / filtering a table of some kind.
@Maksclub
@rework
@Arik
A
Alexander Aksentiev, 2018-02-07 @Sanasol
After all, the setcookie() function was created for something.
there are so many more functions created for something! But you don’t run to use them because they exist?)
Only if you need a functional one.
and what do you store there right so massively? For authorization, it is enough to keep the user ID there, this is where the session function ends.
in sessions))))
So store what you want, as they said, basically all information in one way or another related to what is happening on the front goes into cookies. But at the same time, which nafig did not fall on the backend.
Anything from remembering which slide the slider stopped on to remembering what the user chose when sorting / filtering a table of some kind.
M
Maksim Fedorov, 2018-02-07 @Maksclub
You can put harmless data in the cookie:
- user language or city
- theme (in terms of design)
- some tags for marketing (first source or ref-link)
- you can store a basket (product id)
- some dates
- user id (but not from the database!!! but some kind of identifier harmless for statistics)
- store how many times you liked this page and where you clicked
- store the state of the modal window (whether it was already given a pop-up or not, so as not to load the window on each page and not annoy)
E
Evgeny Kalibrov, 2018-02-07 @rework
In a cookie, data can be stored for a very long time, while in a session on the server, data will be stored only during the session itself. This is ideal when you want to save some data for unauthorized users, for example: a person came to your site, the site uses notifications that ask before displaying "does the person want to receive your notifications", the answer to this question is best stored in a cookie. The next time this user visits your site and he will have a new session, but the information that he does not want to see notifications will be stored in the cookie.
A
Arman, 2018-02-07 @Arik
And how long can you afford to keep sessions on the server? if the person doesn't come back? If this is a bot, which one generated another session for you? Cookies help to save some values for a long time, according to which after a long time we will be able to understand that we have already had a person and chose such and such options. On the other hand, cookies are sent on every request, whether it's a page, image, script, stylesheet, ajax request. All or almost all cookies are always sent. so you need to be careful with them, not to mention the fact that they can be faked or read. You also need to take into account the size of the data sent to the cookies, I saw many examples when nginx fell off due to large cookies, the user was lost, nothing was really seen in the logs.
Similar questions
S
Sergey2015-05-13 21:19:17
How and how to split a webm file into several working parts in linux?
2Reply
P
E
N
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question