PHP Lesson 24 – How to set, Delete, Store Cookies, setcookie()
Cookies, like sessions, have the ability to capture specific data during a sequence of site views.
However, the visitor may, of course, prohibit us from storing a cookie on his computer, so it is better to use sessions only for storing data during a sequence of site calls.
A cookie is used, for example, to uniquely identify visitors even after the session has ended, ie, after leaving the homepage.
This can be used eg in surveys, or as a “recurrence function” in a forum.
How to Set cookie – PHP Tutorial
Only at the top, before something is output with or without PHP, we can set a cookie:
<?php setcookie("username", "Max", 0); ?>
The first entry (username) is the name of the cookie, through which the cookie can be reached later. The second is the value that is subsequently stored in the cookie. In this case Max. The third place is a time indication of how long the cookie is valid, ie stored on the computer of the user. In this case, I did not use time but the number 0. Zero means that the cookie will last until the end of the session, as long as the user has opened the browser.
To specify a time, you have to specify the seconds since 1.1.1970. But most of the time you are not exact time indicates, eg the 31.08.2015, you save actually only a period of time, after which many days the cookie expires. To realize this, you use a little trick. You determine the current timestamp, ie the time of setting the cookie, and then calculate the corresponding seconds for the lifetime of the cookie:
<?php setcookie("username","Max",time()+(3600*24)); ?>
This cookie would now last 3600 * 24 seconds, which equates to 24 hours.
How to Read cookies – PHP Tutorial
Cookies can be read out similar to sessions:
$cookie = $_COOKIE[“username”];
echo “The content of the cookie: $cookie”;
When reading out cookies is also to be noted that they only in the directory where a cookie was set, the cookie can also be read. In another directory, it is not readable.
How to Delete cookies – PHP Tutorial
To delete a cookie, you have to specify a time in the past. This tells the browser that this cookie has expired and deletes it:
setcookie(“username”,“”,time() – 3600);
Security of Cookies
Unlike sessions, cookies are stored on the visitor’s computer and not on the server of the website, so they can be forged.
For example, with the Firefox browser, there is a file that might look like this:
# HTTP Cookie File
# This is a generated file! Do not edit.
# To delete cookies, use the Cookie Manager.
coding180.com FALSE / FALSE 0 username Max
The first value indicates from which website this cookie originates, the 0 is the lifetime of the cookie. This is followed by the cookie name and the cookie value.
Of course, everyone can read and change the content, so you should not trust a cookie.
For example, if an attacker copies the cookie, he may impersonate the owner.
remain signed in
Cookies are often used to implement the popular feature Stay Connected. For this purpose, a corresponding, secret value is stored on the computer of the visitor. As soon as the visitor visits the website again, this value is read out in the cookie and if everything is correct, the user is logged in.
We are sorry that this lesson was not useful for you!
Let us improve this lesson!
Tell us how we can improve this lesson?