1. $_SESSION will be stored in server side (automatically cleared when the browser is closed OR the session variable is unset programmatically)

2. $_COOKIES will be stored in client side and REMAINS until it is expired OR unset programmatically




BEST PRACTICE
=============
1. NEVER EVER store username & password in Cookies whether it is encrpted or unencrypted

2. It is relatively safe to store USER ID in SESSION, but NEVER EVER in COOKIES

2. To set a cookie --> setcookie($cookie_name, $cookie_value, time() + (86400 * 30), "/");

3. To remove a cookie, we need 2 lines of codes :
   unset($_COOKIE[$cookie_name]); 
   setcookie($cookie_name, null, -1, '/'); 

4. Recommended encryption : using function password_hash (php function)  --> one way encrypted 
                            using function password_verify ('$password', '$hashed_pasword')  --> to verify the password


5. --> SESSION will be shared between all files within DOMAIN or SUBDOMAIN (whether it is localhost or actual hosting)
       We can conclude that SESSION is stored inside a server, means that as long as the website files in the same server path (root path), all of them will share same
       SESSION

   --> COOKIE is a little tricky, as it is shared with parental hierarchy
       So, COOKIE that is set in a file (with certain path) will be shared to all files within the same folder AND their child folders
       But COOKIE WILL NOT be shared to its parent. And the same hierarchy will have higher priority, followed by the nearest parents (until there is a cookie find)

       For Example, the hierarchy goes like this:
       1) file-1a.php
       2) file-1b.php
       3) file-1c.php
       4) Folder Sub 1
             a) file-sub1a.php
             b) file-sub1b.php
             c) file-sub1c.php

       --> Cookie that is set in file-1a.php, will be shared between file-1b.php, file-1c.php AND all files in Folder Sub 1
       --> Cookie that is set in file-sub1a.php, will be shared between file-sub1b.php AND file-sub1c.php, BUT CANNOT BE SHARED to file-1a.php, file-1b.php, and file-1c.php
       --> If there are 2 cookies set (e.g in file-1a.php and file-sub1a.php), even with the same name, file-sub1b.php & file-sub1c.php will share the cookies of file-sub1a.php, while file-1b.php & file-1c.php will share the cookies of file-1a.php