Managing Sessions & Cookies

Before learning Sessions and Cookies you should know about HTTP and its Stateless process, Stateless means server doesn’t know about your previous requests as each request is treated new by the browser. So each time when you are browsing your personal account on the website, you have to login again? But we don’t login again and this is because of Cookies or session.

So, the basic task of both cookies and sessions is to store visitor data so that it can be accessed by every page on a website.


Cookies are small text files that are stored in the visitor’s browser for a specific time or for a long -lifespan. Cookies can be edited by the visitor.  in short Cookies are client-side files that contain user information.


Sessions are small files that are stored on the website’s server. Sessions have a limited lifespan, they expire when the browser is closed or logged out from the session. Sessions cannot be edited by the visitor or user. Session Max life time is 1440 Seconds(24 Minutes) as defined in php.ini file however you may change it accordingly

In short, cookies serve on the visitor’s computer and sessions serve on server.

By giving each visitor a cookie with a unique ID, I can use that cookie to recognize each visitor when they return. I can then use sessions to handle the page-to-page data exchange that actually provides each visitor with their customized settings and information, which are provided by each visitor and stored in a database until they are reference by the unique ID stored in the cookie.

Cookie Example

PHP allows you to create, retrieve and update cookies. The setcookie() function is used to first create a cookie.

The syntax is: setcookie(name, value, expire, path, domain);


setcookie(“username”, “Hirdesh Bhardwaj”, time()+20);

setcookie(“pin”, “4412”, time()+20);


Here we have set a cookie name – username and set value Hirdesh Bhardwaj to it. Cookie username will store this value for next 20 seconds from the current time or the very first when you sent this cookie to browser.

Now, we are free to retrieve the value that is stored in our cookie, using the $_COOKIE super global PHP keyword. It is best to use the isset() function for this, because if a cookie has not been set on the computer that we are trying to retrieve it from, headaches can result.


if (isset($_COOKIE[“username”]))


echo “Welcome ” . $_COOKIE[“username”];




echo “Welcome guest!<br> Cookies Expired.”;



Session Example:

Before using $_SESSION, you have to write session_start();  In that way session will start and you can access $_SESSION variable on that page.

Login System using Session

Let’s create a program that contain code for the successful login to dashboard by the registered user


<form method=”post” action=”login.php”>

Email : <input type=”text” name=”txtEmail” /><br>

Password: <input type=”text” name=”txtPassword” /><br>

<input type=”submit” value=”Login” />