Chapter 5. Remembering Users (Cookies and Sessions)
Hypertext Transfer Protocol (HTTP) is a stateless protocol. Put simply, a client (web browser) connects to a web server, sends a request, and gets a response. Then the connection is closed. The consequence is that the next time the same client sends a request to the same web server, it is a new request, so the web server cannot identify the caller. This is, of course, a problem for applications in which state must be maintained, for instance e-commerce applications with shopping-cart functionality.
However, you can overcome this limitation in several ways. The basic idea is to send some information with the HTTP response and to arrange for that information to be sent back with all subsequent requests to that server. The following possibilities exist:
- Sending the data via POST (that is, a form is required each time)
- Sending the data via GET (that is, by appending this information to the request's uniform resource locator [URL])
- Sending the data as part of the HTTP header (in the form of a cookie)
In real-world projects, one of two methods is used: sessions (via GET or cookies) or cookies.
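The cookie-based session variant of this idea, as an added Python example that is not from the original chapter: the server hands out a random identifier in a `Set-Cookie` header and uses the `Cookie` header of later requests to find the caller's shopping cart. The language, the cookie name `sid`, the in-memory `SESSIONS` store and the helper names are assumptions made for illustration.

```python
import secrets
from http.cookies import SimpleCookie

SESSIONS = {}        # assumed server-side store: session id -> shopping cart
COOKIE_NAME = "sid"  # hypothetical cookie name


def handle(request_headers, add_item=None):
    """Process one stateless request; return (response_headers, cart)."""
    jar = SimpleCookie(request_headers.get("Cookie", ""))
    sid = jar[COOKIE_NAME].value if COOKIE_NAME in jar else None
    response_headers = {}
    if sid not in SESSIONS:
        # No cookie, or an id this server never issued: the caller is
        # unknown. Generate a fresh id instead of adopting the client's value.
        sid = secrets.token_urlsafe(32)
        SESSIONS[sid] = []
        out = SimpleCookie()
        out[COOKIE_NAME] = sid
        out[COOKIE_NAME]["path"] = "/"
        out[COOKIE_NAME]["httponly"] = True   # not readable from page scripts
        out[COOKIE_NAME]["secure"] = True     # only sent over HTTPS
        out[COOKIE_NAME]["samesite"] = "Lax"
        response_headers["Set-Cookie"] = out[COOKIE_NAME].OutputString()
    if add_item is not None:
        SESSIONS[sid].append(add_item)
    return response_headers, list(SESSIONS[sid])


def cookie_header_from(response_headers):
    """Browser side: keep name=value and send it with later requests."""
    jar = SimpleCookie(response_headers["Set-Cookie"])
    pairs = "; ".join(f"{name}={morsel.value}" for name, morsel in jar.items())
    return {"Cookie": pairs}


if __name__ == "__main__":
    first, cart = handle({}, add_item="book")       # first visit: cookie is set
    print(first["Set-Cookie"], cart)
    _, cart = handle({}, add_item="pen")            # no cookie: treated as new
    print(cart)
    _, cart = handle(cookie_header_from(first), add_item="lamp")
    print(cart)                                     # same caller: cart persists
```

Only the identifier travels in the header; the cart itself stays on the server, which is the difference between a session and a plain cookie carrying the data.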