8.5.1- Cookies - The End of the Line?

Cookies – The End of the Line?

Before the advent of Active Server Pages, cookies were the main way that data could be transferred between different pages on a site, as a user moved between them. As we saw earlier in this chapter, the Session object now gives us a very powerful mechanism that also allows you to do just that. So what is the role for cookies now? Well as we saw with the SessionID property, cookies still play a vital role behind the scenes in ASP. They serve as the mechanism that tells each page accessed by a user during a session, what session that request belongs to. ASP can take this cookie and retrieve all of the session information that is stored on the server. Without cookies, the Session object just wouldn't work.

Cookies also still play a role in storing information between sessions. While a session has a timeout value, of usually 20 minutes, after which all of its information is deleted, a cookie can persist for a much longer period of time. The reason sessions can't have very long time-outs is that every time a user comes to your site, the server would have to wait for the period specified by the timeout to determine whether the user had logged out or not. Remember that closing a browser doesn't end the session, rather it just begins the period for which a session is dormant, until it times out. The server would use up precious resources monitoring long dead sessions, and the more users who visit the site, the more resources would be stretched. For this reason, cookies also play a vital role in storing information during the times when the user is off visiting other sites, or is not even using their browser at all, and you won't see the back of them for a while yet.