Which should i choose, post you oppinions, i would prefer cookies but id like others oppinions.

Since I usually don't accept cookies except in rare instances when I go back to a site over and over, I think you'd be better off with sessions.

I prefer sessions because not all users have cookies on. I only use cookies when I have to for when I want to store data between a user's visits.

Personally I would recommend you make a system that can use either one or possibly both.

However, if I had to choose between one, cookies would be the way to go for me.

Originally posted by SnakEyez
Personally I would recommend you make a system that can use either one or possibly both.

However, if I had to choose between one, cookies would be the way to go for me.
Why do you prefer cookies or sessions? o.O

If you only need to store data for the one time the user is on the site, there is no need for cookies. In fact, sessions are better because they are harder/impossible to hack since they are server side as opposed to client side.

It's much better to stick to server side instead of having to rely on the client's browser.

And if you do have to keep data between visits, it's still best to transfer the data off the cookie and onto the session when they first enter the site and only write to the cookie when things need to be changed.

"Since I usually don't accept cookies except in rare instances when I go back to a site over and over, I think you'd be better off with sessions."

Sessions still use cookies. A cookie is needed to maintain state.

Originally posted by y6y6y6
Sessions still use cookies.
I think you're thinking of session cookies, not sessions. They are different. Sessions are completely server side and do not use cookies.

Check the php docs:

"A visitor accessing your web site is assigned an unique id, the so-called session id. This is either stored in a cookie on the user side or is propagated in the URL."

The session needs some sort of token to maintain state. By default php uses cokies to do this. You can force it to pass the token in the URL, but that's ugly and isn't the regular behavior.

If you go to a site yu know is using sessions you'll be able to chek your cookies directory and see the cookie being set.

Originally posted by y6y6y6
If you go to a site yu know is using sessions you'll be able to chek your cookies directory and see the cookie being set.

Wow, I never knew that, thanks. They get you either way, huh?

"They get you either way, huh?"

Get you how? Cookies are pretty harmless. Third party cookies can be used to track people, but even DoubleClick gave up on that. The information just isn't useful to anyone.

I don't like having a reminder on my computer of sites I visit, harmless or not. I'm funny that way. Over the years, I have found that the more "harmless" stuff that builds up on your computer, the sooner you start having problems. I like to keep a clean hard drive.

It all depends on the use. For shopping carts i'd prefer a cookie cause then things aren't stored on the server, but for regular use I dig sessions cause then I can block cookies and not have to think about it.

Hmm, then how come even if you have all cookies off, it remembers your session?

"Hmm, then how come even if you have all cookies off, it remembers your session?"

Well, as I said, the token can be passed in the URL. PHP may be handling this transparently if cookies are turned off.

If configured properly (and I think this is turned on by default now), all relitive links on page are re-written dynamically by PHP to include session ID if the session cookie fails to set. Thus:
<a href=?index.php?>Home</a>
becomes
<a href=?index.php?SESSIONID=9d8f9e807234a?>Home</a>.

I've heard hints that this variable might be automatically passed in a hidden form field as well, but I can't find that definitively documented anywhere. And since the SID variables is available to your scripts you could always build your own propagation system.

My point is that people seem to think using sessions means you aren't using cookies, which isn't true.

Yes, when I first enter my site I'm writing using sessions, all the links of that page will have the session ID after it, then they go away.

Anyway, I still vote for sessions as the varaiables are stored server side as opposed to client side.

I don't think anyone should have the right to automatically download anything at all onto your machine unless you specifically request it, such as downloading images on a page you browse. That includes cookies, which to me is just another form of spyware. That may make me a Luddite or something, but that's what I think.

Cookies aren't bad - it's the content some people put in them that's "bad" (matter of opinion).

All of the cookies I use contain harmless data that stores your preferences and stuff.

Originally posted by Viper007Bond
Cookies aren't bad - it's the content some people put in them that's "bad" (matter of opinion).

All of the cookies I use contain harmless data that stores your preferences and stuff.

Ahh... so stupid people = stupid cookies.

That's good - now when I get sick of Wild Tangent, i'll just call the mob and have the company erased instead of erasing the cookies.

this thread has been split. it went way off course

http://forums.hostrocket.com/showthread.php?threadid=11592

I still have my old 800 MHz athlon machine as a backup, it slows to a crawl if I don't reformat it periodically. If you download stuff, well, that's what burners are for.

Are you guys talking about password-protecting your pages? If so, could someone point me in the right direction on how to get started. I've just been manipulating my admin pages by either passing form values or using the $REFERER variable. I'm sure there's a more proper method, but I don't really know what to look for.

-Czervik

You can password protect pages directly through your control panel. If you have a paying site with password-protection, you probably want to look for some kind of package software that combines password protection and billing capabilities.