Analyze the differences between session and cookie

Security comparison: Sessions are stored on the server, and the client does not know the information. cookies are stored on the client, and the server can know the information. Cookie is not very secure. others can analyze the cookies stored locally and perform cookie spoofing. considering the security, session should be used for security comparison: Session is saved on the server side, the client does not know the information. the cookie is saved on the client, and the server can know the information. Cookie is not very secure. others can analyze the local cookies and perform cookie spoofing. session should be used for security.
Comparison from the access method: objects are saved in the Session, and strings are saved in the cookie.
Compare whether to differentiate paths: Sessions cannot differentiate paths. when a user accesses a website, all sessions can be accessed anywhere. If path parameters are set in the cookie, the cookies in different paths of the same website cannot access each other.
Compare the working methods: the Session must use cookies to work normally. If the client completely disables cookies, the session will become invalid.
In terms of server performance, the Session will be stored on the server for a certain period of time. When the number of accesses increases, the performance of your server will be relatively occupied. to reduce the server performance, cookies should be used.
The set time should be used with cookie: session_set_cookie_params = "";
Setcookie (name, value, time endpoint (timestamp), Path, scope );