Should using cookies be avoided if it's possible?

Question

Is it slower to retrieve a user's cookie and get its value as a PHP variable, than it is to retrieve a session variable?

Answer 1

In general, you should not worry about the retrieval speed of a session variable or a cookie.

You should however be aware of the differences between them:

• Sessions are stored on the server, which means clients do not have access to the information you store about them. Session data, being stored on your server, does not need to be transmitted in full with each page; clients just need to send an ID and the data is loaded from the server.

• On the other hand, Cookies are stored on the client. They can be made durable for a long time and would allow you to work more smoothly when you have a cluster of web servers. However unlike Sessions, data stored in Cookies is transmitted in full with each page request.

Answer 2

No. In pure technical terms, it is likely the opposite, as there would be a bit of minor overhead to initializing a session.

Cookie data comes in as part of the HTTP request no matter what, and PHP reads it into $_COOKIE by default. So it's always going to be there. $_SESSION requires you to call session_start() at some point.

However, the performance difference between the two is going to be ridiculously small and not worth worrying about.