Cookies in PHP

 Cookies:


• Before discussing cookies in php, the question is what actually cookies are???? 

• Hmm... so a computer cookie is a small text file which contains a unique ID tag, placed on your computer by the website. The website saves a complimentary file with a matching ID tag. In this file various information can be stored, from pages visited on the site, to information voluntarily given to the site. When you revisit the site days or weeks later, the site can recognize you by matching the cookie on your computer with the counterpart in its database.

• U can also say that, a cookie consists of one or more name-value pairs containing bits of information, which may be encrypted for information privacy and data security purposes. The cookie is sent as an HTTP header by a web server to a web browser and then sent back unchanged by the browser each time it accesses that server.

• There are two types of computer cookies: temporary and permanent. Temporary cookies, also called session cookies, are stored temporarily in your browser's memory and are deleted as soon as you end the session by closing the browser. Permanent cookies, also called persistent cookies, are stored permanently on your computer's hard drive and, if deleted, will be recreated the next time you visit the sites that placed them there.

• Setting a cookie:

• Transfer of Web pages follows the Hyper Text Transfer Protocol(HTTP). Regardless of cookies, browsers request a page from web servers by sending them a usually short text called HTTP request. For example, to access the page http://www.example.org/index.html, browsers connect to the server www.example.org sending it a request that looks like the following one:

GET /index.html HTTP/1.1

Host: www.example.org

browser → server


• The server replies by sending the requested page preceded by a similar packet of text, called HTTP response. This packet may contain lines requesting the browser to store cookies:

HTTP/1.1 200 OK

Content-type: text/html

Set-Cookie: name=value

(content of page)

browser ← server

• The server sends the line Set-Cookie only if the server wishes the browser to store a cookie. Set-Cookie is a request for the browser to store the string name=value and send it back in all future requests to the server. If the browser supports cookies and cookies are enabled, every subsequent page request to the same server will include the cookie. For example, the browser requests the page http://www.example.org/spec.html by sending the server www.example.org a request like the following:

GET /spec.html HTTP/1.1

Host: www.example.org

Cookie: name=value

Accept: */*

browser → server

• This is a request for another page from the same server, and differs from the first one above because it contains the string that the server has previously sent to the browser. This way, the server knows that this request is related to the previous one. The server answers by sending the requested page, possibly adding other cookies as well.

• The value of a cookie can be modified by the server by sending a new Set-Cookie: name=newvalue line in response of a page request. The browser then replaces the old value with the new one.



Cookies in PHP:

• Now let us discuss cookies in PHP. With PHP, you can both create and retrieve cookie values.

• How to create a cookie in PHP???? 

• The setcookie() function is used to set a cookie.

• Note: The setcookie() function must appear BEFORE the <html> tag.

• Syntax: setcookie(name, value, expire, path, domain, secure);

• Name: (required) name of the cookie.

• Value: (required)The value of the cookie. This value is stored on the clients computer; do not store sensitive information. Assuming the name is 'cookiename', this value is retrieved through $_COOKIE[‘cookiename’].

• Expire: (optional)The time the cookie expires. This is a Unix timestamp so is in number of seconds since the epoch. In other words, you'll most likely set this with the time() function plus the number of seconds before you want it to expire. time()+60*60*24*30 will set the cookie to expire in 30 days. If set to 0, or omitted, the cookie will expire at the end of the session (when the browser closes).

• Path: (optional)The path on the server in which the cookie will be available on. If set to '/', the cookie will be available within the entire domain. If set to '/foo/', the cookie will only be available within the /foo/ directory and all sub-directories such as /foo/bar/ of domain. The default value is the current directory that the cookie is being set in.

• Domain: (optional) The domain that the cookie is available. To make the cookie available on all subdomains of example.com then you'd set it to '.example.com'. The . is not required but makes it compatible with more browsers. Setting it to www.example.com will make the cookie only available in the www subdomain.

• Secure: (optional) Specifies whether or not the cookie should only be transmitted over a secure HTTPS connection. TRUE indicates that the cookie will only be set if a secure connection exists. Default is FALSE.


• Example:

• In the example below, we will create a cookie named "user" and assign the value "Sakshi" to it. We also specify that the cookie should expire after one hour:

<?php

setcookie(“user”, ”Sakshi”, time()+3600);

?>

<html>

........

• Note: The value of the cookie is automatically URLencoded when sending the cookie, and automatically decoded when received (to prevent URLencoding, use setrawcookie() instead).

• How to Retrieve a Cookie Value?

• The PHP $_COOKIE variable is used to retrieve a cookie value.

• In the example below, we retrieve the value of the cookie named "user" and display it on a page:

<html>

<body>

<?php

if (isset($_COOKIE[“user”]))

{

echo “Welcome”. $_COOKIE[“user”].”<br>”;

}

else

{

echo “Welcome Guest!<br>”;

}

?>

</body>

</html>

• In the above example, $_COOKIE[‘cookiename’] is used to retrieve the cookie. This is an array same as $_GET[‘variablename’] and isset() function determines whether a certain variable has already been declared by PHP. It returns a boolean value true if the variable has already been set, and false otherwise, or if the variable is set to the value NULL.

• How to delete a cookie?? 

• When deleting a cookie you should assure that the expiration date is in the past.

• Example:

<?php

setcookie(“user”, ””, time()-3600);

?>