I am trying to decide to go with Sessions or Cookies.
After reading page 404 about the two choices, it seems cookies are it (I only want to store a single number -which refers to a particular database from which information will be sent to the user). Not having required users to allow cookies in the past, making this website a "multi-user" (users from different geographic areas) system I must now do so.
I worry about users not allowing cookies. My research gives varying answers about percentages of users that allow or disallow. What makes it vague is the information I read about does not discriminate between the different type of cookies -third party, tracking, secondary etc. On browsers, people can allow (or not) any of these groups or shut off "all" cookies. I do not want to turn returning users away by shutting them out of the site because they suddenly have to deal with the cookie issue.
If I go with Session, every time they log in they will have to make a choice about which geographic area they are from (related to choice of db tables).
My single cookie, say, the number 1 as the cookie's value handles everything I need and can last a year.
So, what is the risk of losing users by storing a cookie vs the more complex and non viable Session.
And, does not starting a Session require the placement of a 'PHPSESSID'? Would not allowing "all" cookies disable the Session?
Sorry for the long explanation.