PHP Cookies

Why cookies are so important?

When you ask web browser for a web page, the server sends you back that web page and the transaction completes here. After that, when you browse a new page of that site or visit a different website, the browser and the web server both completely forget about the previous transaction.

So, how an online buyer will select the next item in his cart and still the cart will remember what he selected in the previous web pages? How a registered user will browse different pages inside his own control panel without providing his login information to the server each time he clicks a new page?

Cookies come as the savior in the above situations; it is used to remember information about the previous transaction between web browser and server.


What is a cookie?

A cookie is a string written in a text file created by the web server, and stored in the visitor’s machine. It can stay there as long as it is set. That means, a web server can identify a visitor after the visitor has visited several other pages or different web sites or even after his machine is shut down and restarted later.


Some basic features of a cookie

  • Generally, a cookie is perished as soon as the web browser is closed unless it is told to be stored there for a certain amount of time.
  • The allowable size for each cookie is 4 kilobytes.
  • Browsers can’t store unlimited number of cookies. Usually, the number is 300.
  • Only 50 cookies (usually) that a browser can accept from a single website.
  • Cookie is not a dependable source of storing information because a website user can change his browser’s settings to turn off cookies or delete all the stored cookies.


How cookies work

  1. At first, web browser requests a webpage to the server.
  2. Including cookie in the header, the web server sends the webpage to the web browser.
  3. The browser saves the cookie in the computer.
  4. Every time the browser tries to connect with that web server, it sends a copy of the cookie to the server. Then, the web server access and use the cookie data and control visitor’s movements.


Some uses of cookies

  • Counts how many times a visitor visited a site
  • Keeps track of items in a shopping cart
  • Stores login information of a registered user and allows him visiting different secured pages
  • Allows auto login provision
  • Personalizes a website for a visitor saving his language preference, color choice, font selection etc…
  • Displays different advertising to different visitors
  • So on….


Create a cookie in PHP

setcookie() function is used to set a cookie on the visitor’s machine.

setcookie(string cookie_name, string value, int expire, string path, string domain, bool secure)

Parameters: No, let’s see what these parameters mean-

  • cookie name – The name of the cookie you define. It is a required parameter.
  • value –The value of the cookie. It is an optional parameter. Default value is an empty string.
  • expire – The expiration date of the cookie as timestamp. It is an optional parameter. Default value is 0 which means the cookie will be deleted when the browser will be closed. To set the cookie expire in a future time, mention the expire value with any timestamp function (time(), mktime(), strtotime()).
  • path – The path on the web server the cookie will be available on. If you want the cookie be accessible only in a certain directory, not from the other directory of that website then, mention the directory here. It is an optional parameter. Default value is “/” which indicates that the cookie will be accessible from any web pages of the site.
  • domain – The domain name the cookie is available to. It is an optional parameter. Default is the current server name the cookie is written on.
  • secure – indicates whether a cookie will be transmitted over a secure HTTPS connection or not. It is an optional parameter. Default value is FALSE. Defining TRUE allows the cookie transmitted only over the HTTPS connection.


Example: Now, let’s take a look at a cookie example-

setcookie(“club_id”, ‘10100’, strtotime(+1 day));

In the above, we created a cookie named club_id and the value stored inside is 10100. The cookie will be expired after 1 day which is defined by the strtotime() function. Last but not least that the cookie is set before the <html> tag which will contain text to display output to the browser.

Web server sends cookies to visitor’s browser via HTTP header. Header information must be sent first before web server sends any other information to the browser. So, any attempt to display output from your script before setting cookie will cause error messages.

Accessing a cookie in PHP

In the above example, we set a cookie named club_id. Now, we’ll access its value. Accessing cookie variable is very easy. PHP provides the superglobal variable $_COOKIE to access a preset cookie. Superglobal means that the value of this variable can be accessed in any scope within a script.

$_COOKIE is an associative array. Its name is the key and the value is the cookie value. To retrieve the cookie value, mention the name of the cookie as the parameter in the $_COOKIE variable and it will display the cookie value. See the following example how we retrieve the value of cookie club_id variable-

echo $_COOKIE[‘club_id’];


You can’t access a cookie after setting it in the same script. you have to reload another page to retrieve that cookie.

Deleting a cookie in PHP

To delete a cookie from the visitor’s machine, do the following things-

  • Set an empty string as the value in the setcookie() function
  • Set any past time as the expiration date in the expire parameter.
  • Mention the other parameters as it is when the cookie was set.

The following example will show hoe to remove the “club_id” cookie we set in the above example.

setcookie(“club_id”, ‘’, strtotime(-1 day));