posted 18 years ago
Let's see. Someone can correct me if I'm wrong, but you're actually talking here about only two alternatives, which are used to implement the third thing you mention: to manage sessions, you can either use cookies or URL rewriting (not "redirecting", that's something else.) Basically, to keep track of a session, you need the web browser to send you some kind of session identifier with each request: either a cookie (which is sent with the HTTP headers) or a session ID embedded in the URL itself.
What should you use? Almost without exception, cookies are the primary strategy used by virtually everyone. Some sites will support URL rewriting as a fallback for users who have cookies disabled in their browser -- but not all.