Cookies in PHP are a way to store small amounts of data on the client’s machine and can be used to maintain state information across different pages on a website. Here’s an in-depth guide on how to set and retrieve cookies in PHP.

Setting Cookies in PHP

To set a cookie in PHP, you use the setcookie() function. The syntax for setcookie() is as follows:

bool setcookie ( string $name [, string $value [, int $expires [, string $path [, string $domain [, bool $secure [, bool $httponly ]]]]]] )

Here’s a breakdown of the parameters:

  • name: The name of the cookie.
  • value: The value of the cookie. This value is stored on the client’s computer; do not store sensitive information.
  • expires: The time the cookie expires. This is a Unix timestamp, so you can use time() plus the number of seconds until you want the cookie to expire.
  • path: The path on the server on which the cookie will be available. If set to '/', the cookie will be available within the entire domain.
  • domain: The (sub)domain that the cookie is available to.
  • secure: Indicates that the cookie should only be transmitted over a secure HTTPS connection.
  • httponly: When TRUE, the cookie will be made accessible only through the HTTP protocol, which means the cookie won’t be accessible via JavaScript.

Example of Setting a Cookie

<?php
$cookie_name = "user";
$cookie_value = "John Doe";
setcookie($cookie_name, $cookie_value, time() + (86400 * 30), "/"); // 86400 = 1 day
?>

In this example, a cookie named “user” with the value “John Doe” is set to expire in 30 days and is available across the entire website.

Retrieving Cookies in PHP

To retrieve a cookie in PHP, you can use the $_COOKIE superglobal array. This array contains all the cookies sent by the client to the server. Because the client controls these values, treat them as untrusted input.

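Example of Retrieving a Cookie

<?php
$cookie_name = "user"; // same name used when the cookie was set

if (isset($_COOKIE[$cookie_name])) {
    echo "Cookie named '" . $cookie_name . "' is set!<br>";
    // Cookie values come from the client, so escape them before writing HTML
    echo "Value is: " . htmlspecialchars($_COOKIE[$cookie_name], ENT_QUOTES, 'UTF-8');
} else {
    echo "Cookie named '" . $cookie_name . "' is not set!";
}
?>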

This example checks whether the cookie named “user” is set. If it is, it prints the cookie value; otherwise, it reports that the cookie is not set.

Deleting Cookies in PHP

To delete a cookie, you set the expiration date to a time in the past. This effectively removes the cookie from the client’s browser.

Example of Deleting a Cookie

<?php
// Use the same path (and domain, if one was set) as when the cookie was created
setcookie("user", "", time() - 3600, "/");
?>

In this example, the cookie named “user” is deleted by setting its expiration time to one hour ago.

Important Considerations

  1. Header Modification: The setcookie() function must be called before any output is sent to the browser. This includes not just HTML tags, but also any whitespace.

  2. Security: Cookies can be intercepted and manipulated. Always consider encrypting sensitive data before setting it in a cookie and validate cookie data on the server.

  3. SameSite Attribute: To mitigate certain cross-site request forgery (CSRF) attacks, you can set the SameSite attribute for a cookie.

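Example with SameSite Attribute

<?php
// The options-array form of setcookie() requires PHP 7.3 or later
$cookie_name = "user";
$cookie_value = "John Doe";

setcookie($cookie_name, $cookie_value, [
    'expires' => time() + (86400 * 30),
    'path' => '/',
    'domain' => 'example.com',
    'secure' => true,
    'httponly' => true,
    'samesite' => 'Strict' // or 'Lax'
]);
?>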
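
Item 2 above says to validate cookie data on the server. The following added example (not part of the original tutorial) shows one way to do that: the value is signed with an HMAC so that edits made on the client are detected. It signs rather than encrypts, so the value stays readable to the client. The function names, COOKIE_KEY and the sample values are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical demo key (constructed for this example). In a real application,
// load the key from server-side configuration, never from source code.
const COOKIE_KEY = 'constructed-demo-key-change-me';

/** Return "payload.signature", where signature = HMAC-SHA256(payload). */
function sign_cookie_value(string $value, string $key): string
{
    $payload = base64_encode($value);          // base64 never contains '.'
    $mac = hash_hmac('sha256', $payload, $key);
    return $payload . '.' . $mac;
}

/** Return the original value, or null if the cookie is malformed or was modified. */
function verify_cookie_value(string $cookie, string $key): ?string
{
    $parts = explode('.', $cookie);
    if (count($parts) !== 2) {
        return null;                           // not in "payload.signature" form
    }
    [$payload, $mac] = $parts;
    $expected = hash_hmac('sha256', $payload, $key);
    if (!hash_equals($expected, $mac)) {       // constant-time comparison
        return null;                           // signature does not match payload
    }
    $value = base64_decode($payload, true);
    return $value === false ? null : $value;
}

// Constructed sample inputs: a genuine cookie, one whose payload was changed
// on the client while keeping the old signature, and one with no signature.
$genuine  = sign_cookie_value('John Doe', COOKIE_KEY);
$modified = base64_encode('admin') . '.' . explode('.', $genuine)[1];
$samples  = ['genuine' => $genuine, 'modified' => $modified, 'unsigned' => 'John Doe'];

foreach ($samples as $label => $cookie) {
    $value = verify_cookie_value($cookie, COOKIE_KEY);
    echo $label, ': ', $value === null ? 'rejected' : 'accepted (' . $value . ')', PHP_EOL;
}

// In a web request, pass sign_cookie_value(...) as the value argument of
// setcookie(), and run $_COOKIE['user'] through verify_cookie_value() before use.
```

Run from the command line, the script prints one line per sample showing whether the server would accept or reject it.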

				
			

By understanding and properly using cookies, you can effectively manage user sessions and data persistence across your web applications.
