A guide towards Cookies and Sessions knowledge

The HyperText Transfer Protocol was designed for the support of request-response and stateless model of transferring information and data from one server to a client. The first version of HTTP, 1.0, supported a 1:1 connection ratio, which means one response pair was supported by 1 connection. The second version 1.1, extended the ratio to N:1 which supported many responses and requests by 1 connection. The HTTP is now used in a wide manner, becoming more than just a mechanism for transferring data and information from one server to the client. It has now become a better platform for many applications. The resemblance ends the same, as HTTP was designed only for transferring documents, despite the fact both the application and documents protocols are text-based.

The HTTP is stateless, so it is quite obvious that it is not perfect for applications. It has become one of the most widely accepted and useful hacks. The state of the HTTP could be easily tracked throughout the usage of the delivered application. This above-mentioned Hack is where the Cookies and Sessions come into play.

Sessions - For Transforming the Stateless into Stateful

The only way in which the application servers and web servers maintain state are Sessions. Sessions are small chunks of memory which are associated with each and every TCP connection which is made to application or web servers. These sessions serve as an in-memory storage for the data and documents in the HTTP- based application. In such applications, when a user connects to a new server, a consistent session is associated and created.

This session is then associated with the connection. The developers with the help of these sessions can store bits of application’s related documents and data.  The data which is stored can be ranged from important information such as customer ID to less important and consequential data.

Understanding the usefulness of session with examples

The best example of the importance and Usefulness of these sessions are shopping carts. Everyone has once in their lifetime shopped online. When you select your item which you want to purchase, it automatically stores your choice in the store’s shopping cart. The items in that cart remain there over a course of “session”, as because every item or product you add to your cart is represented in a session on the website’s server. One more good example of sessions is online customization applications. These small applications offer you to see and browse a group of options and select according to your taste.

After adding all the things, you click through every screen of the option. In such cases, other options are stored in sessions, from where you can easily review or retrieve your saved data.

Cookies – The track of bits leads home

The bits of data which are stored on the client by the browser are called Cookies. Cookies are capable of storing all sorts of interesting tidbits about your applications, sites you visit and about you. The above-mentioned term is derived from the word Magic Cookie, which is a well recognized and known concept in Unix Computing. The concept had inspired both the name and the idea. With the help of the HTTP Header, cookies are created and distributed between the server and the browser. The browser knows automatically that it needs to store the cookies in a file in your computer or in the HTTP header. The browser keeps a track on the cookies on per domain basis. The cookies for any domain are passed to the server with the help of the browser in the HTTP header. This helps the developers of the web applications for retrieving those values from the server of the application.

The way in which the connection or session length issue is solved, is with the help of a cookie. Almost every new web application made with HTTP generate a session ID. This session is passed along as a cookie. This session ID enables the application for finding the proper session in the server, even if the connection from where the session is created in closed. With the help of the exchange or sharing of session ID, the state can be maintained for a stateless mechanism protocol such as HTTP.

In short, instead of storing a huge and constantly changing data and documents with the help of cookies in a user’s browser, only a unique identifying data is stored on the client which is called the session. The session ID is then distributed to the website server each and every time the user’s browser makes an HTTP request like AJAX request or Page Link. The use of Cookie and Session in PHP is, the data stored in sessions are stored on the server and these sessions are identified by the cookies. Both these are very important in HTTP applications and PHP.