0

How can we keep session value when user cookies are deleted?

 <?php session_start(); echo $_SESSION['userdata']['name']='bikash'; ?>

If user deletes the cookies, my session value has deleted. Please advise.

Improve this question

6 Answers 6

Reset to default
9

Because the session ID is stored in a cookie. If the user deletes it, then you can't recover it.

Improve this answer
Sign up to request clarification or add additional context in comments.

8 Comments

you mean we can`t keep session value after delete the cookies
@BikashNayak, as I said in a separate comment, it is possible, but not in any secure way.
can any one explain the thing i cant understand if session handler support in PHP then why cant we keep session value after delete the cookies value ?
@BikashNayak, the session data is stored on the server. Each session has an ID so it can be identified when the user makes a request. This ID is stored on the browser using a cookie, then the browser sends it along with each request. If the cookies are deleted, then the ID from the browser disappears and it won't know what it was anymore.
ok @Rid , secure purpose its ok, can you give some example how to keep?session value
|
2

Once cookie is deleted, session ID is deleted as well as it's in that cookie. There's no way to get session ID if cookie is deleted as per my knowledge

Improve this answer

10 Comments

you mean we can`t keep session value after delete cookies
@BikashNayak, you could if you sent the session ID as part of the URL instead of in a cookie. But if you keep it in a cookie and the cookie is deleted, the session ID goes with it.
Agree. make session id part of url
@Shumail92, I'm not sure if this is something to be recommended though. It would fix the problem, but introduce many security issues.
Exactly that's why i didn't mention it first.
|
2

As rid already said, the session identifier is stored within a cookie for every user. So when they delete their cookies, the session identifier is also gone, making it impossible for session_start to relaunch the previous session. Instead it will start a new one, with no data.

If you have some other means of assigning a previous session to a user, for example if you have a database that maps ip addresses to session ids (bad idea!), then you could restore the previous session id using session_id().

Improve this answer

1 Comment

can you see the answer of Devzer answer i think it may be right answer :) as i got both your clear the session data recover . thanks again
1

As other posters have mentioned the cookies contains the session id which is required to access the session. However unless you perform a session_destroy() the actual session data can be still found on the directory which session files are stored.

Improve this answer

1 Comment

@ Devzer i think you are right, we can find the data from session handler location file. the previous data according to session ID right?
1

The session ID it self is stored in a cookie.

If the user deletes it, then you cant access any information associated with the session because there's no way of referring to it.

In other words, you delete the browser cookies, the session is deleted since the session is stored as a cookie!

Improve this answer

2 Comments

you mean we can`t keep session value after delete the cookies?
no, the actual data can still be recovered from the directory where the session files are stored, why do you wanna delete the cookie, anyway?
1

You can't recover sessoin id if cookie is deleted as it's in cookie.

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.