Cookies are small text files stored on a user's device that are used to identify users and customize their experience. Session data is stored on the server to identify users across page requests during a browser session, using a session ID sent back and forth via cookies or URL rewriting. Common PHP functions for working with sessions include session_start(), session_register(), $_SESSION, and session_unset().