Sessions and cookies can be used and accessed like any other variables. The values are stored in the $_SESSION and $_COOKIE arrays respectively.
Sessions allow values to persist between page loads without using a form to send it via the post or get methods. That session is unique to each user for the length of time that they have the browser open. As soon as the browser is closed the session array is destroyed. This is where cookies come in - cookies allow for values to persist between browser open/closing. These are stored on the user's PC and can be edited by the user. Be careful with the information that you store in cookies - usernames and passwords would be a big no no.
There is one drawback of session data and that is the fact that temporary files are stored on the server in a folder that can be accessed by users if you aren't careful. Stealing each other's session data/values will mean your users can access each other's details/pages. There is a custom script that stores all session data in a table in your MySQL database which increases security significantly. I have attached it as a .zip file  )
Just change the details of the .config file and paste this into your MySQL database.
CREATE TABLE `sessions` (
`session_id` varchar(32) NOT NULL,
`session_access` int(255) unsigned default NULL,
`session_data` text,
PRIMARY KEY (`session_id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1; |
