Identification with Cookies and Sessions in PHP

Cookies: data that identify a browser

Cookies are simple flat text files (without format, without any decoration), created by the user's browser on their own computer, at the time the Web server requests it.

Within this text file, the user's browser will store the data that the server will send, and then - this is essential - the browser will automatically forward all the data to the server in each "request" the user makes to that same domain (that is, in each link that you press or in each form that leads to a page of that site that ordered you to create the cookie).

That way, that server can identify that user throughout his navigation through the different pages of that same site, something that would serve both to show specific content created for that user, as for other tasks more invisible to the user but very useful for the owner of the site as, for example, keep statistics of the visits of each user.

Some possible uses: the server can store the user's name to greet him every time he enters a page of this site; memorize the products that you have chosen from a shopping cart until you complete the purchase operation; remember the language preferred by the user to navigate through that site; or the date of your last visit. And many other uses more.

The way a web server (typically Apache, the web server installed in most hostings) will order the user's browser (Firefox, Explorer, Opera, etc.). Create some of those text files called cookies, it will be totally under our control, since it would be our own PHP code that will order the web server that this, in turn, will ask the browser to create the cookie and, once created, another PHP code will be able to request that it be store data within that file, or read those stored there.

The way in which these text files are created on the user's hard drive should not worry us: that's the user's browser, after we execute the PHP instruction that, in a few moments, we will learn.

ATTENTION: this convenience of "the browser does everything" is a double-edged sword, because just as the browser simplifies our work, it can also prevent us from completely using cookies, if the user has configured his browser so that it does not let's create them. Therefore, when we use cookies, as far as possible, we should have an alternative B plan (for example, we would like to propose if it would not be better to use sessions) so as not to leave out those who have this option disabled in their browser.