1.

Session :
A session is used to save information on the server momentarily so that it may
be utilized across various pages of the website. It is the overall amount of time
spent on an activity. The user session begins when the user logs in to a specific
network application and ends when the user logs out of the program or shuts
down the machine.
Session values are far more secure since they are saved in binary or encrypted
form and can only be decoded at the server. When the user shuts down the
machine or logs out of the program, the session values are automatically
deleted. We must save the values in the database to keep them forever.
2. Cookie :
A cookie is a small text file that is saved on the user’s computer. The maximum
file size for a cookie is 4KB. It is also known as an HTTP cookie, a web cookie,
or an internet cookie. When a user first visits a website, the site sends data
packets to the user’s computer in the form of a cookie.
The information stored in cookies is not safe since it is kept on the client-side in
a text format that anybody can see. We can activate or disable cookies based
on our needs.
Difference Between Session and Cookies :
Cookie Session

Cookies are client-side files on a

local computer that hold user
information. Sessions are server-side files that contain user data.

Cookies end on the lifetime set by When the user quits the browser or logs out of the
the user. programmed, the session is over.

It can only store a certain amount of

info. It can hold an indefinite quantity of data.

We can keep as much data as we like within a

session, however there is a maximum memory
The browser’s cookies have a restriction of 128 MB that a script may consume at
maximum capacity of 4 KB. one time.
 Because cookies are kept on the
local computer, we don’t need to run To begin the session, we must use the session_start()
a function to start them. method.

Cookies are not secured. Session are more secured compare than cookies.

Cookies stored data in text file. Session save data in encrypted form.

Cookies stored on a limited data. Session stored a unlimited data.

In PHP, to get the data from Cookies

, $_COOKIES the global variable is In PHP  , to set the data from Session, $_SESSION
used the global variable is used

We can set an expiration date to In PHP, to destroy or remove the data stored within
delete the cookie’s data. It will a session, we can use the session_destroy() function,
automatically delete the data at that and to unset a specific variable, we can use the
specific time. unset() function.

Creating cookies with PHP

We can create a cookie as follows:

setcookie(name, value, expire, path, domain, secure, httponly);

The name parameter is required. The rest are optional.

Example
The code snippet below shows how we can create a cookie in PHP:
The following cookie will expire in 30 days (86400s * 30).
1
2
3
4
5
6
<!DOCTYPE html>
<?php
$cookie_name = "user";
$cookie_value = "John Doe";
setcookie($cookie_name, $cookie_value, time() + (86400 * 30), "/"); // 86400 = 1 
day
?>

We can also retrieve the set cookie using the cookie_name variable. It is done as

follows:
1
2
3
4
5
6
7
8
9
<html>
<body>
<?php
  echo "Cookie '" . $cookie_name . "' is set!<br>";
  echo "Value is: " . $_COOKIE[$cookie_name];
?>
</body>
</html>

Cookies are stored in the _COOKIE variable in PHP. Their value can be retrieved

using the cookie_name variable, which acts as an identifier.

Deleting a cookie
We can delete an existing cookie by changing its expiry date. We can set the
expiry date to be before the current time.
The setcookie function needs to be used again for this purpose.

The code snippet below shows how to delete the same cookie that we created
before:
1
2
3
4
<?php
// set the expiration date to one hour ago
setcookie("user", "", time() - 3600);
?>

Creating a session
A session begins by using the session_start function. Each session variable is
stored and retrieved from the global variable named _SESSION. Session
variable are then created as follows:

$_SESSION[identifier] = value;

Example

The example below shows how one can create session variables in PHP:
1

10
 11

12

13

14

15

 <?php

session_start();

?>

<!DOCTYPE html>

<html>

<body>

<?php

// Set session variables

$_SESSION["name"] = "Educative";

$_SESSION["ID"] = "123";

?>

</body>

</html> 

The code snippet below shows how we can retrieve session variables in PHP:
1

3
 4

10

11

12

13

14

15

 <?php

session_start();

?>

<!DOCTYPE html>

<html>

<body>

<?php

// Echo session variables that were set on previous page

echo "Company name is " . $_SESSION["name"] . ".<br>";

echo "Company ID is " . $_SESSION["ID"] . ".";

?>

</body>

</html> 
Deleting a session
A session can be using the session_unset and session_destroy functions in
PHP.
The session_unset function removes all session variables.

The session_destroy function destroys the session.

The example below shows how to destroy a session in PHP:

1

10

11

12

13

14

15

16
 17

<?php

session_start();

?>

<!DOCTYPE html>

<html>

<body>

<?php

// remove all session variables

session_unset();

// destroy the session

session_destroy();

?>

</body>

</html>