PHP Cookies
Learn how to use cookies in PHP to store user information on the client-side.
Introduction to Cookies
Cookies are small pieces of data that are stored on the user's computer by the web browser while browsing a website. They are commonly used to remember information about the user, such as login credentials, preferences, and shopping cart contents.
How to Set Cookies
You can set a cookie using the setcookie() function in PHP. This function must be called before any output is sent to the browser. Here’s the syntax:
setcookie(name, value, expire, path, domain, secure, httponly);
Example: Setting a Cookie
The following example sets a cookie named user with the value John Doe that expires in one hour.
<?php
// Set a cookie that expires in 1 hour
setcookie("user", "John Doe", time() + 3600, "/"); // '/' means the cookie is available in the entire domain
?>
Retrieving Cookies
You can access the value of a cookie using the $_COOKIE superglobal array. Here’s how to retrieve the value of the user cookie:
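<?php
if (isset($_COOKIE["user"])) {
    // Cookie values are client-controlled, so escape them before writing them into HTML
    echo "Hello, " . htmlspecialchars($_COOKIE["user"], ENT_QUOTES, "UTF-8"); // Output: Hello, John Doe
} else {
    echo "User not found.";
}
?>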
Deleting Cookies
To delete a cookie, you can set its expiration date to a time in the past. Here’s how to delete the user cookie:
<?php
setcookie("user", "", time() - 3600, "/"); // Delete the cookie
?>
Cookie Security and Best Practices
When using cookies, it's essential to consider security and privacy. Here are some best practices:
- Use the httponly flag to prevent JavaScript access to cookies.
- Use the secure flag to ensure cookies are sent over HTTPS only.
- Validate and sanitize any data stored in cookies to prevent security vulnerabilities.
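The three practices above combined in one script, as an added example that is not part of the original tutorial: the cookie is set with the secure and httponly flags, and its value carries an HMAC so that a modified value is rejected when it is read back. The COOKIE_KEY constant, the sign_cookie_value() and verify_cookie_value() helpers and the samesite setting are assumptions introduced here; the options-array form of setcookie() requires PHP 7.3 or later.

```php
<?php
// Added example: HMAC-signed cookie value plus the secure/httponly flags.
// COOKIE_KEY is a constructed placeholder; load a real random key from server-side config.
const COOKIE_KEY = 'replace-with-a-random-key-from-config';

// Build "base64(value).hex(hmac)" so the value cannot be changed client-side unnoticed.
function sign_cookie_value(string $value, string $key): string
{
    $payload = base64_encode($value);
    return $payload . '.' . hash_hmac('sha256', $payload, $key);
}

// Return the original value, or null if the cookie is malformed or was tampered with.
function verify_cookie_value(string $cookie, string $key): ?string
{
    $parts = explode('.', $cookie, 2);
    if (count($parts) !== 2) {
        return null;
    }
    [$payload, $mac] = $parts;
    $expected = hash_hmac('sha256', $payload, $key);
    if (!hash_equals($expected, $mac)) { // constant-time comparison
        return null;
    }
    $value = base64_decode($payload, true);
    return $value === false ? null : $value;
}

$signed = sign_cookie_value('John Doe', COOKIE_KEY);

// Must run before any output is sent, like every setcookie() call.
setcookie('user', $signed, [
    'expires'  => time() + 3600,
    'path'     => '/',
    'secure'   => true,  // sent over HTTPS only
    'httponly' => true,  // not readable from JavaScript
    'samesite' => 'Lax', // limits sending on cross-site requests
]);

// On a later request the value arrives in $_COOKIE; the fallback to $signed
// only exists so the script also runs from the command line.
$raw  = $_COOKIE['user'] ?? $signed;
$user = verify_cookie_value($raw, COOKIE_KEY);

echo $user === null
    ? "Invalid cookie.\n"
    : 'Hello, ' . htmlspecialchars($user, ENT_QUOTES, 'UTF-8') . "\n";
```

The signature detects modification only; the value is still readable by the client, so it does not replace server-side session storage for sensitive data.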
Conclusion
Cookies are a powerful way to store user data on the client side. Understanding how to set, retrieve, and delete cookies in PHP is essential for creating user-friendly web applications that remember user preferences and session information.