Where session actually be saved, client browser or server?

May 25, 2008

Session is the most widely used PHP feature which is being used for security purpose. From beginner to expert, almost all coder feel comfort using session as for its wonderful feature (preserving data across subsequent accesses) .
But question is, where actually session data be saved? In client browser URL or in browser cookie? Or, in server?

First and simple answer is – session born in server and uses browser’s cookie to keep track (alive) by an Id. If cookie is not enabled, it parses to browser URL as variable (serialized).

Now, how can server remember the huge number of variables that is registered with session? Specially when PHP is installed as CGI wrapper, as PHP interpreter is created and destroyed for every page request.

Yes, server needs to save those data in its physical memory too.
Session creates a file to save its information at the location assigned by session_save_path() function or set by session.save_path option.

So, at the final sentence, we can say that session uses  memory – server side (physical file in session_save_path location) to save all data and client side (physical file cookie) or in URL as a variable where just a unique ID (sesssion id) is saved.


One Response to “Where session actually be saved, client browser or server?”

  1. Anonymous Says:

    Good day! I simply would like to give a huge thumbs up for the
    great information you’ve here on this post.
    I will be coming again to your blog for more soon.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: