How to Set, Get and Unset Cookies in PHP

A cookie in PHP is a mechanism for storing data in the user’s browser and thus tracking or identifying return users. In this article, you will learn about basic information of PHP cookies along with its various operations such as create, retrieve, modify and delete.

What is Cookie

A cookie is a small file with a small amount of data nearly 4KB that the web server stores on the user’s computer. Once a cookie has been set on the user’s browser, whenever the user loads the website, the browser sends the cookie back to the server to notify the website of the user’s previous activity.

With PHP, it’s very easy to create, retrieve and delete cookie values.

How to Create Cookie

In PHP, you can set cookies using the setcookie() function. Cookies are part of the HTTP header, so you must be called the setcookie() function before any output is sent to the browser, otherwise, the cookie will not set.

The syntax of the setcookie() function is as follows,

setcookie(name, value, expire, path, domain, secure, httponly);

Here, the parameters name and value are required and all the other parameters are optional.

  • name: name of the cookie.
  • value: value of the cookie. This value is stored on the user’s computer, so do not store any sensitive information.
  • expire: used to define the expiry time for the cookie and it is in UNIX timestamp format. After this specified time, the cookie will become inaccessible. For instance, to set the expire time for one hour, give the parameter value as time() + 3600. If the expire time is set as 0, the cookie will expire at the end of the session which means when the browser closes. The default cookie expire time is 0.
  • path: used to define the path on the server in which the cookie will be available on. If set to forward slash “/”, the cookie will be available within the entire domain. If set to forward slash with the domain like “/test/”, the cookie will only be available within the “/test/” directory and all its sub-directories such as “/test/myfirst/”.
  • domain: used to define the domain/subdomain that the cookie is available to. The important thing, a cookie can only be read from the domain which has been created from.
  • secure: used to indicate that the cookie should only be transmitted over a secure HTTPS connection or HTTP connection from the client. If set to TRUE then the cookie will be sent via HTTPS, otherwise, it will be sent via HTTP. Its default value is FALSE.
  • httponly: If it is set to TRUE, the cookie will be made accessible only through the HTTP/HTTPS protocol. Which means that the cookie won’t be accessible by any scripting languages, such as JavaScript.

Here is an example that uses setcookie() function to create a cookie,

<?php
// Setting a Cookie
setcookie("username", "Peter", time()+2*24*60*60, "/");

Here, create the cookie with name username and assign the value Peter to it, and set the expiry time for 2 days (2 days * 24 hours * 60 min * 60 sec). The “/” indicates that the cookie is available in the entire website.

How to Retrieve Cookie Value

After creating the cookie, you can access the cookie value using PHP builtin superglobal variable $_COOKIE with cookie name. The PHP $_COOKIE is an array variable which contains the names and values of all the set cookies.

Here is an example that uses $_COOKIE to retrieve the cookie value and the isset() function to find out if the cookie is set or not,

<?php
// Check whether a cookie is set or not
if(isset($_COOKIE["username"])){
    echo "Hi " . $_COOKIE["username"];
}

How to Modify Cookie

To modify a cookie, you have to set the cookie again using the setcookie() function.

Here is an example to modify a cookie,

<?php
// Check whether a cookie is set or not
if(isset($_COOKIE["username"])){
    setcookie("username", "Thomas", time()+2*24*60*60, "/");
}

How to Delete Cookie Value

To delete/unset a cookie, use the same function which we used to set it in order to delete it. Just use the setcookie() function with an expiration date in the past.

Here is an example to delete a cookie value,

<?php
// Deleting a Cookie
setcookie("username", "", time()-60, "/");

Read Also: How to Set, Get and Unset Session Variables in PHP

Hope this helps.

Leave a Reply

Your email address will not be published. Required fields are marked *