PHP Cookies和会话之间的区别

In PHP, visitor information designated to be used across the site can be stored in either sessions or cookies. Both of them accomplish much the same thing. The main difference between cookies and sessions is that information stored in a cookie is stored on the visitor's browser, and information stored in a session is not—it is stored at the web server. This difference determines what each is best suited for.

在PHP中 ，可以在会话或cookie中存储指定用于整个站点的访问者信息。 他们两个都完成了几乎相同的事情。 Cookie和会话之间的主要区别在于，存储在Cookie中的信息存储在访问者的浏览器中，而存储在会话中的信息则不存储在Web服务器上。 这种差异决定了每种产品最适合的产品。

Cookie驻留在用户计算机上 ( A Cookie Resides on the User's Computer )

Your website can be set to place a cookie on a user's computer. That cookie maintains information in the user's machine until the information is deleted by the user. A person may have a username and password to your website. That information can be saved as a cookie on the visitor's computer, so there is no need for him to log in to your website on each visit. Common uses for cookies include authentication, storage of site preferences, and shopping cart items. Although you can store almost any text in a browser cookie, a user can block cookies or delete them at any time. If, for example, your website's shopping cart utilizes cookies, shoppers who block cookies in their browsers can't shop at your website.

您的网站可以设置为在用户的计算机上放置cookie。 该cookie会在用户的计算机中维护信息，直到该信息被用户删除为止。 一个人可能拥有您网站的用户名和密码。 该信息可以cookie的形式保存在访问者的计算机上，因此，无需在每次访问时都登录到您的网站。 Cookies的常见用法包括身份验证，网站首选项存储和购物车项目。 尽管您几乎可以在浏览器cookie中存储任何文本，但是用户可以随时阻止或删除cookie。 例如，如果您网站的购物车使用Cookie，则在浏览器中阻止Cookie的购物者将无法在您的网站上购物。

Cookies can be disabled or edited by the visitor. Do not use cookies to store sensitive data.

访客可以禁用或编辑Cookies。 不要使用cookie来存储敏感数据。

会话信息驻留在Web服务器上 ( Session Information Resides on the Web Server )

A session is server-side information intended to exist only throughout the visitor's interaction with the website. Only a unique identifier is stored on the client side. This token is passed to the web server when the visitor's browser requests your HTTP address. That token matches your website with the visitor's information while the user is at your site. When the user closes the website, the session ends, and your website loses access to the information. If you don't need any permanent data, sessions are usually the way to go. They are a little easier to use, and they can be as large as needed, in comparison with cookies, which are relatively small.

会话是服务器端信息，仅在访问者与网站进行交互时才存在。 客户端仅存储唯一标识符。 访问者的浏览器请求您的HTTP地址时，此令牌将传递到Web服务器。 当用户在您的网站上时，该令牌会将您的网站与访问者的信息进行匹配。 当用户关闭网站时，会话结束，并且您的网站无法访问信息。 如果您不需要任何永久性数据，通常可以使用会话。 与相对较小的cookie相比，它们更易于使用，并且可以根据需要而变大。

Sessions cannot be disabled or edited by the visitor.  

访问者无法禁用或编辑会话。

So, if you have a site requiring a login, that information is better served as a cookie, or the user would be forced to log in every time he visits. If you prefer tighter security and the ability to control the data and when it expires, sessions work best.

因此，如果您有一个需要登录的站点，则最好将该信息用作cookie，否则用户每次访问时都将被迫登录。 如果您希望更严格的安全性以及控制数据以及数据过期的能力，则会话将发挥最佳效果。

You can, of course, get the best of both worlds. When you know what each does, you can use a combination of cookies and sessions to make your site work exactly the way you want it to work.

当然，您可以两全其美。 当您知道每种功能时，可以结合使用Cookie和会话，以使网站完全按照您希望的方式工作。

翻译自: https://www.thoughtco.com/the-difference-between-cookies-and-sessions-2693956