Good day. I have a blog. I'm trying to improve adding comments by memorizing a name and email. addresses (i.e., the user will have to enter his name and address once, then it will be filled in automatically). How best to store it: in a cookie or in a session?

    2 answers 2


    • session - on the server;
    • Cookies are on the client.

    Proceeding from security, user data must be stored in sessions (in this case the session hash identifier will be stored in cookies).

    Cookies should also store data that is not confidential and requires long-term storage, for example, some statistics for marketing research, as well as indicators of various tools on the site for their visualization (as an example: hide this plate forever). Anyway, all the data that is not appropriate to store in the database.

    For cookies and sessions, you can set the time of their life. However, sometimes the lifetime of sessions can be limited by hosting (free- / economy hosting)

    • if I understand the author correctly, he needs cookies because the data will be substituted into the input fields that the user already enters himself (comment system for "guests"). - Vladimir Klykov
    • @ ToRcH565 possible. Depends on the correctness of the question asked. If you just auto-fill the fields, then the browser can easily handle it. - romeo
    • Not any browser, and it depends on the settings) + you need to start typing words ... and in this way, when entering the page, the data will already be entered, or an “login login” will be created, depending on what the author wants :) - Vladimir Klykov
    • @ ToRcH565 Well, except perhaps the login, for the password cannot be stored anywhere explicitly, especially in cookies. - romeo

    Cookies are stored by the user and transmitted to the server each time (with each request). Session - is stored on the server and lives for a limited time, (usually 30 minutes) and the session id is also written in the cookie.

    In your case, I think cookies will be better, and exactly what you need. Because lifetime - set by you or until deleted by the user, + the amount of information is not large to save traffic ...

    • Upd counting the storage time of cookies is from the moment of installation (it is better to update each time you visit the page) The counting time for storing sessions is from the time of the last call. - Vladimir Klykov