An HTTP cookie is a small piece of data sent from a website and stored on the user's computer by the user's web browser while the user is browsing.
bool setcookie( string $name [, string $value = "" [, int $expire = 0 [, string $path = "" [, string $domain = "" [, bool $secure = false [, bool $httponly = false ]]]]]] )
|name||The name of the cookie. This is also the key you can use to retrieve the value from the |
|value||The value to store in the cookie. This data is accessible to the browser so don't store anything sensitive here.|
|expire||A Unix timestamp representing when the cookie should expire. If set to zero the cookie will expire at the end of the session. If set to a number less than the current Unix timestamp the cookie will expire immediately.|
|path||The scope of the cookie. If set to |
|domain||The domain or subdomain the cookie is available on. If set to the bare domain |
|secure||When set to |
It is worth noting that mere invoking
setcookie function doesn't just put given data into
$_COOKIE superglobal array.
For example there is no point in doing:
The value is not there yet, not until next page load. The function
setcookie just says "with next http connection tell the client (browser) to set this cookie". Then when the headers are sent to the browser, they contain this cookie header. The browser then checks if the cookie hasn't expired yet, and if not, then in http request it sends the cookie to the server and that's when PHP receives it and puts the contents into
Checking if a Cookie is Set
isset() function upon the superglobal
$_COOKIE variable to check if a cookie is set.
Modifying a Cookie
The value of a cookie can be modified by resetting the cookie
Cookies are part of the HTTP header, so
setcookie()must be called before any output is sent to the browser.
When modifying a cookie make sure the
setcookie()matches the existing cookie or a new cookie will be created instead.
The value portion of the cookie will automatically be urlencoded when you send the cookie, and when it is received, it is automatically decoded and assigned to a variable by the same name as the cookie name
Removing a Cookie
To remove a cookie, set the expiry timestamp to a time in the past. This triggers the browser's removal mechanism:
When deleting a cookie make sure the
setcookie()matches the cookie you're trying to delete or a new cookie, which expires immediately, will be created.
It is also a good idea to unset the
$_COOKIE value in case the current page uses it:
Retrieving a Cookie
Retrieve and Output a Cookie Named
The value of a cookie can be retrieved using the global variable
$_COOKIE. example if we have a cookie named
user we can retrieve it like this
Setting a Cookie
A cookie is set using the
setcookie() function. Since cookies are part of the HTTP header, you must set any cookies before sending any output to the browser.
- Creates a cookie with name
- (Optional) Value of the cookie is
- (Optional) Cookie will expire in 1 day (86400 seconds)
- (Optional) Cookie is available throughout the whole website
- (Optional) Cookie is only sent over HTTPS
A created or modified cookie can only be accessed on subsequent requests (where
domainmatches) as the superglobal
$_COOKIEis not populated with the new data immediately.