Do session in php uses cookie ?
Yes, Sessions are implemented by using cookies, but the actual data is not in the browser; rather, it is stored in the user's session record on the server and cookies are used to identify a particular end-user's session record on the server records. Hence, they are a more secure way of storing user information.
Session in Php consist of two things.
- Session data with Session-ID at server,
- A cookie containing only the reference to the server Session-ID (Transient cookie/Session cookie).
Every session have a Session-ID. Session-ID is a unique value assigned by the server to a specific user, during his visit(session). This session ID is attached to a cookie and this cookie will be shared from client to server (and server to client) during its requests/responses. And server will identify session based on session id which is retrieved from cookie.
- Client-side cookie generated by a session only contains the id reference a random string of 32 hexadecimal digits, such as ‘fca17f071bbg9bf7f85ca281653499a4′ called a ‘Session-ID’.
- Function session_id() is used to get or set the session id for the current session.
-
The constant
SIDcan also be used to retrieve the current name and session id as a string suitable for adding to URLs. See also Session handling.
