0

Can cookies be used to replace the session superglobal

session and the cookie are all superglobals in php, but session ends when the user exits the browser.

2nd Dec 2020, 4:58 PM
EMMANUEL NUOTAH TUONUO DERY
EMMANUEL NUOTAH TUONUO DERY - avatar
2 ответов
+ 2
EMMANUEL NUOTAH TUONUO DERY Hmmm... 🤔 When a cookie is created without specifying an expiration, the cookie will automatically be cleared when the browser closes. Server sessions, on the other hand, remains in memory until it's expired or explicitly unset or memory is reclaimed. If the session ID is cleared from the cookie, a new session is created. But the old session remains until expired. It's just orphaned from any clients... so-to-speak. Likewise, the session could expire before the cookie expires. In this case, the browser cookie will be orphaned from any session on the server. So... while it appears the session ended when the browser closes, it's really that the cookie was cleared. Technically speaking... the connection between the server and browser is stateless, as in, the server is disconnected from the client after sending the response. Not sure if I answered your question. But the question details implied a possible misunderstanding. I hope this helps.
3rd Dec 2020, 4:25 AM
David Carroll
David Carroll - avatar
+ 1
Yes, but I believe lots security flaws would arise. You should check Oauth by the way to improve security.
2nd Dec 2020, 5:05 PM
Coal