which one is better - Using cookies or session objects?

A Session is a special kind of cookie with different expiration rules.

It basicly sets a cookie for your webdomain with something like COOKIE@mydomain {SESSION: <long unique string>}
And your webserver has a sort of database in memory that maps that long unique string to a collection of data objects (which you would access with the Session["object_nam e"] call)

Sessions can build up and occupy a lot of memory on the server, but it (slightly) speeds up data-transfer since you aren't passing in the header all the cookies you would use.
i.e.
COOKIE1@mydomai n {mycolor: <value>}
COOKIE2@mydomai n {myname: <value>}
COOKIE3@mydomai n {myaddress: <value>}
COOKIE4@mydomai n {myphonenumber: <value>}

Now, a session cookie is only good as long as your webserver maintains a session record for it in it's DB (which gets reset on rebuilds and timeouts and the like), while a standard cookie could potentially stay as long as you want it to (unles a user deletes it manually)

Hi Gomzi,

Check out this .NET article on Sessions to help you understand them a bit better.

As for your question: Cookies vs Session Objects.

It really depends on the information that you're system's going to be using. Cookies are stored on the client side. This means that you're depending on the user's computer to hold information. It also means that there is a greater possibility this information can be modified by the user, or captured by a 3rd party and used in a malicious manner.

Sessions depend on a Session Identifier Cookie to identify the browser with their Session objects. So, either way you're still going to have to use at least one cookie.

I myself tend to use Sessions mostly, but this is just a matter of preference.

-Frinny

Slightly out of the norm... but... its appropriate...

<3 Sessions


If you havent seen the danger in cookies, go to Hack This Site

Awesome!
In the back of my mind I was looking for a site like this one. Thanks a lot for the link TRScheel!

I see. Thanks mate. Just read your article too. Could you tell me as to what exactly you mean by "web garden"?

Thanks,
Gomzi.

A web garden is a site that is hosted with multiple processes.

NOT to be confused with a web farm, which is a site hosted on multiple servers.

session method is better to storing information rather than cookies...
session varible is more relaible compare to cookies

it actually depends on the situtation on which u r working sometime cookies are mush better option then session and some time session is better.

Since we're still discussing I will weigh in on how I use them.
I have one section of a website with a custom login, I use a session object to store login credentials and user info (i.e. I pull like their NAME and other stuff into the session so I can use them on all the pages)
Since I don't care about the information outside of the session, it can expire with the session.

Now I also have an order form (outside of the login area) with lots of fields to fill out. On a successful submition, I give the user the ability to save a cookie retaining a number of the fields as a cookie. So everytime they go back to the form, things like email and name and other bits of information are kept for them and already filled in.

Hm......... I seem to be getting your point. But if one has a site hosted on a shared hosting environment, then which one would you prefer?
OR
It makes no difference?

Thanks,
Gomzi.