Setting and reading cookies in PHP is a part of–dare we say it?–cake. We don’t want to get into all the misinformation about cookies, but they’re important and useful. Sometimes they’re the right tool for the work.

create and modify a cookie In PHP

To create and modify a cookie, use the PHP function setcookie(). setcookie() takes up to six arguments, depending upon how much control you want over the cookie and who can read its value.

The best way of setting a cookie is like this:

setcookie(‘name’, ‘xxx’);

Then, for every further page on your site viewed by this browser (without the user quitting) you’ll have the value of ‘xxx’ stored in the variable $name for easy right to use in PHP. This type of cookie is known as a session cookie, since it lasts for the length of a user’s session.

If you want the cookie to persevere after the person exits his or her browser, you must pass setcookie() through a third parameter, the date you want the cookie to expire. Since PHP’s background springs fully formed from the head of Unix, you correspond to this time as the number of seconds since March 23, 1985. If you’re a Unix programmer, this makes total sense. But, if you’re from a Windows or a Macintosh background, you’re just trembling your head wondering if you’ll ever understand those wacky Unix folk.

PHP has a very nice function, mktime(). You pass mktime() (in this order) the hour, minute, second, month, day, and year that you want to represent, and mktime() returns to you the number of seconds since March 1, 1985. So, if you want to simulate a ZZZ meltdown:

<?php

$ZZZ = mktime(0,0,0,1,1,2000);

setcookie(‘name’, ‘xxx’, $ZZZ);

?>

your cookie will end with the millennium.

If you want to update a cookie to store a newer value, you can simply overwrite its value. So, even if you’ve previously sent the cookie above on an earlier page, it’s perfectly legal to go ahead and change your name to “akki.”

<?php

$ZZZ = mktime(0,0,0,1,1,2000);

setcookie(‘name’, ‘akki’, $ZZZ);

?>

Note that doing this doesn’t alter the value of the variable $name. It’s set when the page is loaded. If you want to make sure these two are always in sync, you can code like this:

<?php

$name = ‘Akki’;

$ZZZ = mktime(0,0,0,1,1,2000);

setcookie(‘name’, $name, $ZZZ);

?>

The next two parameters for setcookie() let you control the path and the domain of who can read your cookie. By default, only pages equivalent to or lower down in the ladder on the same server that sends the cookie can read its value. That’s for security’s sake. However, if you had an account that’s sometimes “www.any.com” but also “other.any.com,” and your account lets you serve pages from ~/myhome, you should modify setcookie() as such:

<?php

setcookie(‘name’, ‘akki’, $ZZZ, ‘~/myhome’, ‘.any.com’);

?>

The last parameter to setcookie(), which we’ve never used, teach that the cookie be sent only to a Web server that’s running a secure connection such as SSL. For this to occur, set the sixth value to 1.

Delete Cookie

Deleting a cookie is simple, simply pass setcookie() the name of your cookie and PHP will arrange for it to be deleted.

<?php setcookie(‘name’); ?>

There’s one last important item to cite about using cookies. Because of the way cookies work within HTTP, it’s important that you send all cookies before you print any text. If you don’t, PHP will give you a warning and your cookies will not be sent. So, this is OK:

<?php

setcookie(‘name’, ‘akki’);

echo “Good Morning!”;

?>

But this is not:

<?php

echo “Good Morning!”;

setcookie(‘name’, ‘akki’);

?>