HTTP is said to be a stateless protocol. What this means for web programmers is that every time a user loads a page it is the first time for the server. The server can’t say whether this user has ever visited that site, if is he in the middle of a buying transaction, if he has already authenticated, etc.

A cookie is a tag that can be placed on the user’s computer. Whenever the user loads a page from a site the site’s script can send him a cookie. The cookie can contain anything the site needs to keep the state of including the identity of the user. Then within the next request the client does for a new page there goes back the cookie with all the pertinent information to be read by the server script.