session_start vs cookies

Question

himanjim 0 Junior Poster in Training

17 Years Ago

Hey friends I've a doubt regarding my password authentication code given below
If we use session _start function one need not use the cookies as

     $_SESSION['user'] = $username;
     $_SESSION['password'] = $password;

functions do the same job that cookies would have done so my cookies code is just a clutter??

Here's my code

<?PHP
session_start();
?>
<?php
include "connect.php";
include 'var.php';
print "<link rel='stylesheet' href='http://127.0.0.1/styles/styles.css' type='text/css'>";
if (isset($_POST['submit'])) // name of submit button
{
    $username = $_POST['username'];
    $password = $_POST['password'];
    $password = md5($hash . md5($password));
    $query = "SELECT* from moderators where username='$username' and password='$password'";
    $usercheck1 = mysql_query($query) or die(mysql_error());
    $usercheck2 = mysql_num_rows($usercheck1);
    if ($usercheck2)
    {
        $_SESSION['user'] = $username;
        $_SESSION['password'] = $password;
        if ($_POST['remember'])
        {
            $memberid = $result2[username];
            $passkey = $result2[password];
            [COLOR=Green]$cookie1 = "[0]";
            $cookie2 = "[1]";
            $cookie3 = "$cookiename$cookie1";
            $cookie4 = "$cookiename$cookie2";
            setcookie("$cookie3", "$memberid", time() + 7776000);
            setcookie("$cookie4", "$passkey", time() + 7776000);[/COLOR]
        }
        print "<center>";
        print "<table class='tborder' cellpadding='6' cellspacing='1' border='0'>";
        print "<tr><td class='panelsurround' align='center'><center>Logged In</center></td></tr></table></center>";
        print "<META HTTP-EQUIV = 'Refresh' Content = '2; URL =http://127.0.0.1/register.php'></center>";
    }
    else
    {
        print "<center>";
        print "<table class='tborder' cellpadding='6' cellspacing='1' border='0'>";
        print "<tr><td class='panelsurround' align='center'><center>Invalid username or password</center></td></tr></table></center>";
        //print "<META HTTP-EQUIV = 'Refresh' Content = '2; URL =http://127.0.0.1/login.php'></center>";

    }
}
?>

php

Edited 11 Years Ago by mike_2000_17 because: Fixed formatting

3 Contributors
3 Replies
189 Views
1 Day Discussion Span
Latest Post 17 Years Ago Latest Post by Puckdropper

ryan_vietnow 13 Posting Pro

17 Years Ago

I think it's better to use sessions rather than cookies because cookies can be deleted by the user while sessions can not be deleted.
Me,I don't use cookies anymore.
Just my opinion....

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

himanjim 0 Junior Poster in Training · Answer 1 · 2007-10-06T10:35:14+00:00

Thanx a lot Mr.ryan_vietnow I also in the same shoes

Puckdropper 7 Posting Pro in Training · Answer 2 · 2007-10-07T14:48:11+00:00

Cookies are bits of information that will remain accessible to the browser across many openings and closings of the browser. For example, the "Remember me" functions of websites use sessions. Sessions, OTOH, are only remembered while the browser is opened. If the browser is closed, the session ID will be different and the user will have to do things like log in again.

For the record, Mozilla lets me delete the session ID when I want to. It's just another cookie in Mozilla's point of view.