Why do $_SESSION and $_COOKIE behave differently?

Question

I've done some testing with $_SESSION and $_COOKIE because I they weren't working as I expected. I'd like to know why these lines of code behave differently.

$_SESSION[1] = 'foo';          // Does not work because of the integer
$_COOKIE[1] = 'bar';           // Works

$_SESSION['foo bar'] = 'foo';   // Works with the space
$_COOKIE['foo bar'] = 'bar';    // Does not work

I would have thought $_SESSION and $_COOKIE would be identical, other than being server side vs. client side. Are there any other differences between the two?

It's just one difference, but it's an important one – KingCrunch Mar 10 '12 at 01:27 — KingCrunch, Mar 10 '12 at 01:27

score 2 · Accepted Answer · edited May 23 '17 at 12:29

2

The answers on this question address some of the issues involved, but the short answer is that there are different restrictions depending on whether it's a session or a cookie. Sessions are restricted space-wise by different php.ini settings, cookies don't allow spaces in keys, etc.

edited May 23 '17 at 12:29

Community

1
1

answered Mar 10 '12 at 01:33

Waynn Lue

11,344
8
51
76

The relevant part of this is **cookies don't allow spaces in [names]** (and thus keys in $COOKIES don't). This is just how HTTP cookies are defined. There are also some browser quirks dealing with cookies... but alas, outside the scope of PHP and covered elsewhere. – Mar 10 '12 at 01:53

Why do $_SESSION and $_COOKIE behave differently?

1 Answers1