I have one question that why session variable are stored on server side,
what is reason behind this. If it is stored on client side what will be disadvantage.
Cookies are available on the client-side, so they can be seen from the browser.
Sessions are stored on the server, and are never sent to the client (except if you write some cludge to do that). If sessions were stored on the client-side, I don't believe your PHP code would be able to access them as PHP is a server-side language. It is best to store sensitive information in a session rather than a cookie so that it cannot easily be accessed or manipulated.
The only thing is that the session cookie contains the session identifier which php uses to retrieve the proper session data.
Hope that helps.
But as we know cookies are stored on client side.. but php is able to access them.
A cookie is a small file that the server embeds on the user's computer. Each time the same computer requests a page with a browser, it will send the cookie too. With PHP, you can both create and retrieve cookie values.
There is mounds of information on this available on the web. Here's a good start... http://www.tuxradar.com/practicalphp/10/0/0 Just google it ;)