Cookies vs Sessions
HTTP is stateless, which means that any data stored are destroyed when the client receives the page from the server and the connection is closed. Cookies and sessions are two solutions for this problem. Cookie is a very small piece of information that is stored on the client’s machine by the web site and is sent back to the server each time a page is requested. Session is a way of storing information on the server as opposed to on the client’s machine.
What are Cookies?
What are Sessions?
Session is another means of storing information across pages. But this is done in the server-side. Session actually uses a server-side and a client-side cookie to store data. But the client-side cookie only stores a reference to the corresponding data stored on the server. When the user visits the web site, client side cookie (with a reference number) is sent to the server, and server uses this number to load the data of the user. Server-side cookie can store large amounts of data. Since the client-side cookie stores only the reference number, bandwidth is saved immensely. Since session data is stored in the server, they are much more protected.
What is the difference between Cookies and Sessions?