PHP Cookies
In this tutorial you will learn how to store a small amount of information within the user's browser itself using the PHP cookies.
What is a Cookie
A cookie is a small text file that lets you store a small amount of data (nearly 4KB) on the user's computer. They are typically used to keeping track of information such as username that the site can retrieve to personalize the page when user visit the website next time.
Tip: Each time the browser requests a page to the server, all the data in the cookie is automatically sent to the server within the request.
Setting a Cookie in PHP
The setcookie() function is used to set a cookie in PHP. Make sure you call the setcookie() function before any output generated by your script otherwise cookie will not set. The basic syntax of this function can be given with:
The parameters of the setcookie() function have the following meanings:
| Parameter | Description |
|---|---|
name |
The name of the cookie. |
value |
The value of the cookie. Do not store sensitive information since this value is stored on the user's computer. |
expires |
The expiry date in UNIX timestamp format. After this time cookie will become inaccessible. The default value is 0. |
path |
Specify the path on the server for which the cookie will be available. If set to /, the cookie will be available within the entire domain. |
domain |
Specify the domain for which the cookie is available to e.g www.example.com. |
secure |
This field, if present, indicates that the cookie should be sent only if a secure HTTPS connection exists. |
Tip: If the expiration time of the cookie is set to 0, or omitted, the cookie will expire at the end of the session i.e. when the browser closes.
Here's an example that uses setcookie() function to create a cookie named username and assign the value value John Carter to it. It also specify that the cookie will expire after 30 days (30 days * 24 hours * 60 min * 60 sec).
Example
Download<?php
// Setting a cookie
setcookie("username", "John Carter", time()+30*24*60*60);
?>Note: All the arguments except the name are optional. You may also replace an argument with an empty string ("") in order to skip that argument, however to skip the expire argument use a zero (0) instead, since it is an integer.
Warning: Don't store sensitive data in cookies since it could potentially be manipulated by the malicious user. To store the sensitive data securely use sessions instead.
Accessing Cookies Values
The PHP $_COOKIE superglobal variable is used to retrieve a cookie value.
It typically an associative array that contains a list of all the cookies values sent by the browser in the current request, keyed by cookie name. The individual cookie value can be accessed using standard array notation, for example to display the username cookie set in the previous example, you could use the following code.
Example
Download<?php
// Accessing an individual cookie value
echo $_COOKIE["username"];
?>The PHP code in the above example produce the following output.
It's a good practice to check whether a cookie is set or not before accessing its value. To do this you can use the PHP isset() function, like this:
Example
Download<?php
// Verifying whether a cookie is set or not
if(isset($_COOKIE["username"])){
echo "Hi " . $_COOKIE["username"];
} else{
echo "Welcome Guest!";
}
?>You can use the print_r() function like print_r($_COOKIE); to see the structure of this $_COOKIE associative array, like you with other arrays.
Removing Cookies
You can delete a cookie by calling the same setcookie() function with the cookie name and any value (such as an empty string) however this time you need the set the expiration date in the past, as shown in the example below:
Example
Download<?php
// Deleting a cookie
setcookie("username", "", time()-3600);
?>Tip: You should pass exactly the same path, domain, and other arguments that you have used when you first created the cookie in order to ensure that the correct cookie is deleted.
