Jump to content
Larry Ullman's Book Forums

Recommended Posts

I am trying to decide to go with Sessions or Cookies.

After reading page 404 about the two choices, it seems cookies are it (I only want to store a single number -which refers to a particular database from which information will be sent to the user). Not having required users to allow cookies in the past, making this website a "multi-user" (users from different geographic areas) system I must now do so.

I worry about users not allowing cookies. My research gives varying answers about percentages of users that allow or disallow. What makes it vague is the information I read about does not discriminate between the different type of cookies -third party, tracking, secondary etc. On browsers, people can allow (or not) any of these groups or shut off "all" cookies. I do not want to turn returning users away by shutting them out of the site because they suddenly have to deal with the cookie issue.

If I go with Session,  every time they log in they will have to make a choice about which geographic area they are from (related to choice of db tables).

My single cookie, say, the number 1 as the cookie's value handles everything I need and can last a year.

So, what is the risk of losing users by storing a cookie vs the more complex and non viable Session.

And, does not starting a Session require the placement of a 'PHPSESSID'? Would not allowing "all" cookies disable the Session?

Sorry for the long explanation.



Link to comment
Share on other sites

I feel like using cookies is fairly standard--and reasonable--these days and is the right approach here. Sessions do also require cookies, or a somewhat complex workaround, and are more demanding of the server. All in all, sessions are a lot of work just to store a single number. 

Link to comment
Share on other sites


  • Create New...