cookies vs sessions for php application

Question

what would be better when implementing a php login system sessions or cookies ?

Answer 1

better? neither.

HTTP is a stateless protocol (no session) to create some kind of session you can use a cookie (store values on the client side in a cookie and pass them with every request) or pass in values as URL parameters (such as ?sessionid=2358734578 }.

PHP Sessions simply assign each client a sessionid and store it in the cookie, this acts as an identifier for the client (you can also configure it to use URL parameters too).

So basically, you can use the native PHP session implementation, which stores everything on the server side, gives the client an id to pass by cookie and then provides a way for you retrieve data for that session based on said id (which is passed via cookie) - or you can come up with your own system (which you have referred to as 'using cookies') but ultimately it can't be any better ~ although as a bi-product you may end up understanding how HTTP works that little bit more :)

seeAlso CaseySoftware's answer with regards security considerations.