Greetings! The topic of today’s rubric is ‘Working with cookies (Cookie) in php’. Consider how they are created and how you can manage them. Go!

In order to set a new cookie, no matter how strange it sounds. You need to write the following:

setcookie(‘name’, «Andrey»);

The setcookie() function is the main function for managing cookies in php. We passed two required parameters to it: ‘name’ — the name of the cookie by which we can access it and ‘Andrey’ is some value (information) that we want to store in the cookie. It is important to know that the size of the value must be no more than 4 kB.

We can use the $_COOKIE super global array to get all the cookies, if we only want to get our ‘name’ cookie.

var_dump($_COOKIE[‘name’]);

We just specify the name of the cookie as a key. Cookies can also be tracked through the browser by viewing the page headers or using javascript, which I wrote about in this JavaScript cookie article.

Let’s go further! The setcookie() function is not limited to just two parameters. As the third argument, it can take the time in seconds at which the cookie will be deleted.

Example:

setcookie(‘name’, «Andrey», (time() + 15));

This cookie will only live for 15 seconds and then will be successfully deleted. The time() function is used to start counting from the current time.

If we want to just delete immediately.

setcookie(‘name’, «Andrey», (time() — 1));

We indicate the past tense. In our case, we simply subtracted a second from the current time.

The next parameter that the setcookie() function can take is called path, that is, the path (relative address) on which the cookie will work. Moreover, the address is strictly relative to the domain of your site!

setcookie(«name», «Andrey», 0, «/»);

Here we specified «/» as the path, in this case our cookie will be available for all pages of the site. If we want to make it available only for example for the contact page (https://domain.com/contact).

setcookie(«name», «Andrey», 0, «/contact»);

It needs to be written like this!

Subdomains can be used on your site. To do this, the setcookie() function has the following parameter.

setcookie(«name», «Andrey», 0, «/», «sub.domain.com»);

In this example, the cookie is only set for the «sub.domain.com» subdomain. If you leave just «domain.com» then the cookies will be on the main domain and all its subdomains.

We still have the last two parameters that the setcookie() function can take.

setcookie(«name», «Andrey», 0, «/», «domain.com», false, false);

These parameters take a boolean value (true or false) as their value. They default to false.

The first of the parameters (it is the penultimate one in the function) is responsible for the type of connection on which the cookie will be set.

setcookie(«name», «Andrey», 0, «/», «domain.com», true, false);

Here we have set the value to true which means that cookies will only be set over a secure protocol (ssl) https. If set to false, the cookie can be set on any connection.

The last parameter is responsible for the availability of cookies for various scripts.

setcookie(«name», «Andrey», 0, «/», «domain.com», false, true);

For example, if set to true, the set cookies will be readable only via the HTTP protocol, for scripting languages such as javascript they will not be available.

This can be checked very easily! Try setting the last parameter to false first and execute the php script.

setcookie(«name», «Andrey», 0, «/», «domain.com», false, false);

Then open the browser console and enter the following command:

decodeURIComponent(document.cookie)

As a result, you will get something like this:

name=Andrey

Now set it to true and do the same. As a result, you will no longer see your cookies in the browser console, although they are in the page headers. And all because they are not available for reading by third-party scripts.

That’s basically all you need to know to work with cookies in php. As you can see, there is nothing complicated here. Finally, I will say that cookies are rather unreliable for storing personal information (login, password, details, passport data, authorization token, etc.), since they are easy to steal and fake. Therefore, it is better to store in them general information such as (name, year of birth, etc.), that is, if lost, significant damage will not be caused to the user (hacking, theft of funds, etc.).

In general, this is all I have. I hope this article was useful for you! Do not forget to subscribe to the Vkontakte group and go to the Youtube channel.