When Will session be used and cookie be used?

Hello everyone, when will session be used and when will cookie be used? I am a web cainiao. I have read a lot of information and I am very confused. it is very confusing how to use it in any scenario. I would like to ask you. for example, if you want to implement a shopping cart. (available for non-registered users) when a visitor submits a commodity to the shopping cart, he or she can get it... hello everyone, when will session be used and when will cookie be used?

I am a web cainiao. I have read a lot of information and I am confused about how to use it in some scenarios. I would like to ask you.

For example, if you want to implement a shopping cart (available for non-registered users)

When a visitor submits a product to the shopping cart, he can get the IP address and store the information. Currently, I have saved the data to the database.

But how can I confirm the current visitor when the next visitor visits? I am using the yii2 framework. when printing the sessionid, it is found that the id changes every time the browser is closed and re-opened. of course, this can be configured. however, for other purposes, the browser session must be disabled. in this case, how can we continue to confirm the identity of the current visitor when the next visitor opens the page? Then, the shopping cart information before the current visitor is obtained.

Thank you for your guidance.

Reply content:

Hello everyone, when will session be used and when will cookie be used?

I am a web cainiao. I have read a lot of information and I am confused about how to use it in some scenarios. I would like to ask you.

For example, if you want to implement a shopping cart (available for non-registered users)

When a visitor submits a product to the shopping cart, he can get the IP address and store the information. Currently, I have saved the data to the database.

But how can I confirm the current visitor when the next visitor visits? I am using the yii2 framework. when printing the sessionid, it is found that the id changes every time the browser is closed and re-opened. of course, this can be configured. however, for other purposes, the browser session must be disabled. in this case, how can we continue to confirm the identity of the current visitor when the next visitor opens the page? Then, the shopping cart information before the current visitor is obtained.

Thank you for your guidance.

You can easily select attributes based on your actual needs.

cookieComparedsessionThe lifecycle is longer, but the security is low.

Based on your current needs,cookieRandom recordsIDAdding a database to store a shopping cart is a good ending solution.

To distinguish when session is used and when cookie is used, you must first understand the difference between the two. Then decide what to use based on your needs.
Differences between cookie and session:
1. cookie data is stored in the client's browser, and session data is stored on the server.
2. Cookies are not safe. Others can analyze the Cookies stored locally and perform cookie spoofing.
Session should be used for security consideration.
3. The session will be stored on the server for a certain period of time. When the number of accesses increases, it will occupy the performance of your server.
COOKIE should be used in consideration of reducing server performance.
4. data stored in a single cookie cannot exceed 4 kb. Many browsers limit that a site can store up to 20 cookies.

Session is the session identifier of the service and client. cooike is the file that the service retains on the client.