PHP - Cookies introduction

Cookies are text files stored on the client/ remote browser, A cookie is often used to identify a user.


Each time the remote computer requests a page, the browser will send the cookie too. With PHP, we can create, retrieve and delete cookies and it's values.


PHP transparently supports HTTP cookies. we can set cookies using the setcookie() or setrawcookie() function.


Note: JavaScript can also set a cookie directly on a browser

document.cookie = "{cookie_name}={cookie_value}";

Cookies are part of the HTTP header, so setcookie() must be called before any output/HTML is sent to the browser.

A PHP script will then have access to the cookie in the environmental variables $_COOKIE or $HTTP_COOKIE_VARS[] which holds all cookie names and values.

Create Cookies with setcookie() functions:

PHP provided setcookie() function to create a cookie. setcookie function should be called before

tag as well as any whitespace. For each cookie setcookie() function has to be called separately.


setcookie(name, value, expire, path, domain_name, secure, httponly);

Note: Only the name parameter is required. All other parameters are optional.

name:The name of the cookie. value:The value of the cookie. If the cookie name is 'cookie_name', this value is retrieved through $_COOKIE['cookie_name']. expire:The time the cookie expires. time()+60*60*24*30 will set the cookie to expire in 30 days. If this parameter is not set or set to 0 then cookie will automatically expire when the Web Browser is closed. path:The path on the server in which the cookie will be available on. If set to '/', the cookie will be available within the entire domain. If set to '/cookie_dir/', the cookie will only be available within the /cookie_dir/ directory. domain:The domain that the cookie is available to. All cookies are only valid for the host and domain which created them. secure:This can be set to TRUE or 1 to specify that the cookie should only be sent by secure transmission using HTTPS otherwise set to FALSE or 0 which mean cookie can be sent by regular HTTP. httponly:When TRUE the cookie will be made accessible only through the HTTP protocol. This means that the cookie won't be accessible by scripting languages, such as JavaScript.

Note: If setcookie() runs successfully, it returns TRUE, otherwise FALSE.


   setcookie("first_name", "John", time() + 3600, "/", "", 0);
   setcookie("last_name", "Deo", time() + 3600, "/", "", 0);
<title>PHP cookie example</title>
if (!isset($_COOKIE['first_name'])) {
  echo "Cookie is not set!";
else {
  echo "Welcome: " . $_COOKIE['first_name'] . ' ' . $_COOKIE['last_name'];

Delete a Cookie:

To delete a cookie, use the setcookie() function with an expiration date in the past:

setcookie("first_name", "", time() - 60, "/", "", 0);
setcookie( "last_name", "", time()- 60, "/","", 0);

Note: The setcookie() function must appear BEFORE the tag as well as any whitespace.