Session x Cookie

[Cassio]

Hi! I´m starting an online store project and this session x cookies thing is not very clear to me.

Whats the diference in using session variables, since it uses a cookie in the client?

What if the client disable cookies in the browser?Will the session variables still work?

Is it ok to use session variables for a site that will have 100 users simultaneusly?

 

 

Thanks for the help!

[Derek Stone]

Sessions will not work if cookies are disabled on the client unless the session configuration (in web.config) has the attribute "cookieless" set to true. Generally speaking, that isn't an advisable solution.

 

And yes, it's fine to use session variables on a site with 100 concurrent users. Just be wise as to what you store in each user's session. Keep the data as compact as possible.

[Cassio]

Thanks Derek.

Do you think using cookies in an online store would be apropriated? Or its kind of risky since some people disable cookies?

[Derek Stone]

Well, you need to use either a cookie or a session hash located in the URI's query string or path info. There aren't any other alternatives. Amazon.com uses the session hash method which I find to be a more compatible solution to cookies, although harder to work with from a development standpoint.

[Cassio]

OK, thanks.

One last question: When I set "cookieless=false" it means the sessions will use cookies in the client, right? Will it still consume memory from the webserver or it will act exactly like a normal cookie?

[Derek Stone]

It will act like a session, since that's what that attribute describes. And yes, it will consume a small portion of memory for each user.

 

If you want to use cookies use cookies, not sessions.