Use Cookies or Session for business guide?

Asked

Viewed 107 times

0

I’m putting together a business guide and I’d like to know if it’s better to use a cookie or Session to store the id_city that it belongs to in the first access;

2 answers

0

Possible duplicate of What’s the difference between Sessions and Cookies and Session C# how it works?

Copying the brief explanation....

Cookie is a storage engine for your client-side variables. It is physically stored on the client’s computer by the browser. Different users on the same computer can read/use the same cookie.

On that account (some comments):

  • You should not store sensitive data in the cookie.
  • You should not store data that belongs to a user account.
  • Cookie has no effect on server resources.
  • Cookie expires on the date you specify.

To Session is also a storage engine for your variables, but on the server side. By default, Session stores your data in the server memory. But you can configure to store it by SQL Server, for example. The same user can run two or more browsers and each browser has its own session.

That is to say:

  • You can save sensitive data in session.
  • You should not save everything in session. that is waste of resources from the server.
  • After the user closes the browser, the timeout will make all the information is deleted. By default, this time is 20 minutes.

The usage circumstance will depend on your scope and what you will store...

In your case

I would use Session, since we are talking about a sensitive data...

  • Thanks @Marllon Nasser

0


Sesssions are destroyed when the browser is closed (except if the visitor marks the option to continue where he left off in the browser), cookies remain valid for as long as you determine, or until the customer deletes them.

Knowing this, it becomes simple to decide which one to use. In your case, I believe cookies are more interesting, because if you set a significant expiration date, some other day when it comes back, it will be the way it left it.

Remember: never save important information (passwords or personal data) in plain text in a cookie, preferably or save this type of data on the client’s side, because anyone with access to the computer will be able to view such data.

I will not address this issue here because it escapes your question, but if you are interested, just search here on Stackoverflow or Google itself, you will have a lot of information about.

  • Thanks for the explanation @Clayderson Ferreira I believe that cookies will be the best option even

  • Guys, think about the security... What stops the customer from changing the value of the cookie? If you are going to use a cookie, I advise you to encrypt it :)

Browser other questions tagged

You are not signed in. Login or sign up in order to post.