Why use sessions?

Anon

Hello everyone =)

much as i understand the concept of a web session, i wonder why we have to use it. if we have to keep track of a user, why don't we just do the following:

1)validate the user
2)by using the user_id, retrieve anything that the user request

why do we have to borther about tracking the user when supposedly the user wants to buy something and does the following:

1)click on "buy"

at the back, what we do can simply be:

1)write into the database the userID and the itemID

and we can also keep track of what the user buy by reading from this particular table. Since this is the case, why do we still want a sessionID or even start a session?

any help would be appriciated. thanx

Anon

You don't have to use session at all, if you want to do things the hard way.

Sessions let you track a user with the least possible effort.
That means you don't have to check for cookies or have the user enter his username/password all the time.

Sessions don't offer anything new, it's just much easier with sessions.

Anon

There is nothing to prevent you from doing what you describe ... but you would be reinventing the wheel. Regardless of whether you use PHP sessions or invent your own, you must propagate a unique identifier across the life of a user interaction in order to associate each page with the underlying context. If you prefer to store the variables in a database manually rather than relying on the session code to do so, go right ahead. Or, if you prefer, you could write your own database code to store/retrieve PHP session data (rather than relying on the filesystem). If you have a server farm, for instance, that might be an appropriate way of sharing sessions across multiple servers.