A cookie is a small text file that allows you to store a small amount of data (around 4KB) on the user's computer. They are often used to keep track of information like a username so the site can personalize the page when the user visits the website again.
Tip: Every time the browser requests a page from the server, all the data in the cookie is automatically included in the request.
The setcookie() function is used to set a cookie in PHP. Make sure you call the setcookie() function before any output is generated by your script; otherwise, the cookie will not be set. The basic syntax of this function is:
The parameters of the setcookie() function have the following meanings:
| Parameter | Description |
|---|---|
name |
The name of the cookie. |
value |
The value of the cookie. Do not store sensitive information since this value is stored on the user's computer. |
expires |
The expiry date in UNIX timestamp format. After this time, the cookie will become inaccessible. The default value is 0. |
path |
Specifies the path on the server for which the cookie will be available. If set to /, the cookie will be available within the entire domain. |
domain |
Specifies the domain for which the cookie is available, e.g., www.example.com. |
secure |
If this field is present, it indicates that the cookie should be sent only if a secure HTTPS connection exists. |
Tip: If the cookie's expiration time is set to 0 or is omitted, the cookie will expire when the session ends, which is when the browser is closed.
Here's an example that uses the setcookie() function to create a cookie named username and assign it the value John Carter. It also specifies that the cookie will expire in 30 days (30 days * 24 hours * 60 min * 60 sec).
<?php
// Setting a cookie
setcookie("username", "John Carter", time()+30*24*60*60);
?>Note: All arguments except the name are optional. You can replace an argument with an empty string ("") to skip it. If you want to skip the expire argument, use zero (0) since it's an integer.
Warning: Do not store sensitive data in cookies as it can be manipulated by malicious users. Use sessions to store sensitive data securely.
The PHP $_COOKIE superglobal variable is used to get a cookie's value. It's like an associative array that holds all cookie values sent by the browser in the current request, organized by cookie name. You can access a specific cookie value using standard array notation. For instance, to show the username cookie set in the earlier example, you could use this code.
<?php
// Accessing an individual cookie value
echo $_COOKIE["username"];
?>The PHP code in the above example produces the following output.
It's wise to verify whether a cookie is set before accessing its value. You can achieve this using the PHP isset() function, as shown below:
<?php
// Verifying whether a cookie is set or not
if(isset($_COOKIE["username"])){
echo "Hi " . $_COOKIE["username"];
} else{
echo "Welcome Guest!";
}
?>You can use the print_r() function, such as print_r($_COOKIE);, to view the structure of the $_COOKIE associative array, similar to how you would with other arrays.
To delete a cookie, you can call the same setcookie() function with the cookie name and any value (like an empty string), but this time you need to set the expiration date in the past, as demonstrated in the example below:
<?php
// Deleting a cookie
setcookie("username", "", time()-3600);
?>Tip: When deleting a cookie, ensure you provide the exact same path, domain, and other arguments used when creating the cookie. This ensures that the correct cookie is deleted.