whic is better

miles_rich

I have been reading up about user authentification systems, (logins) and have come accross a few different methods, and i am confused about which is better. Are cookies or sessions better?

i found this, is it any good??

Look here

has anyone got a reasonable tutorial about the best one?

deuce868

i think it depends on your server and how many active logins we are talking about.

The big drawback of sessions is that each one creates a file on the webserver and takes server overhead to deal with. If you have a decent server and a somewhat limited number of logins then I personally like this way.

David_Wood

And one problem with cookies is if they have been turned off.

Probably the ieal option is to use cookies with a fall back to sessions if cookies have been disabled - but I have not got a clue as to how code that.

deuce868

your login script would have to try to set the cookie, then try to read it back...if it is set then you're golden and can forward somewhere else.

If when you try to read it back it is not set you could call a function that sets all the vars you need for login in session vars instead.

Then on your pages you would have to check for the cookie first, and if that test fails check session for the login.

Best I have off the top of my head as far as algorithm.