Complete explanations about cookies in PHP, with all the parameters of the setcookie() function and the $_COOKIE array
In this article we are going to show you that cookies in PHP are very easy to use. We already began to explain some interesting keys on this matter in the article , a previous installment of the .com agenda on PHP programming.
In this article we are going to show other details that should be known to work with cookies. Both the creation and reading processes, but above all we are going to carry out a complete study on the different parameters that we have available when calling the setcookie() function, which is used to register cookies in the browser of the user who visits our website.
Create cookies in PHP
In PHP, cookies are controlled by means of a function, which helps us to generate and save them in the user’s browser. This is the setcookie() function, which receives several parameters, including the cookie name, value, and expiration. The only mandatory parameter is the first one, the name of the cookie, the rest are optional.
Let’s see the entire list of setcookie() parameters with their explanations:
Name
A string with the name that we want to give to the cookie to save. It can be whatever we want.
Worth
A string of characters that is the value that the cookie will have.
Expiration
It is a timestamp with the value of the date on which the cookie will expire. The normal thing is to use the time() function, which generates the current timestamp and add the number of seconds left for the cookie to last. For example, time() + (60 * 60 * 24 * 365) would make the cookie last one year on the user’s system.
Route
The path or route where the cookie can be used within the domain. By default, the cookie can be used in the directory where it was created and its subdirectories. If we indicate “/” the cookie will be valid within the entire domain.
Domain
It is the subdomain where the cookie can be accessed. Cookies can only be generated and used for the domain of the page where the script is placed, but we can make it visible to all subdomains of the web domain through “.mydomain.com”.
Sure
It is a boolean which, if true, indicates that the cookie can only be transmitted over shttp (secure http).
http only
This is another boolean that serves to indicate that the cookie can only be accessed via the http headers, which would make it unreachable by client-side scripting languages like Javascript. This parameter was added in PHP 5.2.0
PHP’s setcookie() function generates and sends the cookie to the browser and returns a boolean, if true it indicates that it could be set in the user’s browser and if false it indicates that it could not be placed in the system. But this value does not indicate that the visitor has accepted it or not, since the browser may have configured it not to accept cookies and this cannot be detected by setcookie() directly.
For example, these would be different calls to setcookie():
setcookie(“mycookie”, “myvalue”); setcookie(“cookie2”, “myvalue2”, time() + 3600); setcookie(“othercookie”, “endValue”, time() + 3600, “/”, “.mydomain.com”);
But pay attention to one matter: To send a cookie to the browser, it must be done before sending the http headers to the client, that is, before having written any text on the page. If not, PHP may throw a headers already sent error.
Retrieve cookies with PHP
On the other hand, to receive the cookies that the user’s browser may have created in the system, the associative array $_COOKIE is used. In this array are all the cookies that the PHP page has available in the domain and directory where it is placed.
Through the name of the cookie we access its value:
$_COOKIE; $_COOKIE;
To see an example of the use of PHP cookies, access the PHP workshop or the .
Facebook Comments
Disqus