PHP: Cookies

14 posts Page 1 of 2
Contributors
User avatar
smashapps
Coding Guru
Coding Guru
Posts: 961
Joined: Tue Apr 05, 2011 8:41 am

PHP: Cookies
smashapps
Hello everyone,

Another PHP tutorial on cookies this time. No I don't mean cookies you could eat unless you were a digital entity in a PC with...I'm going off topic. I mean the type of cookies that are stored on your PC when you visit websites that hold data.

A cookie can be used to identify a user, it's a file that is saved on your computer. When you visit a website, it's sends the cookie to the website as well. In this tutorial you will learn how to read and write cookies.

Cookies is a data type (Along with $_REQUEST, $_SERVER and $_GET, $_POST).

Retrieving cookies:
Code: Select all
<?php
//Display the cookie in the browser
echo $_COOKIE["name"];
 
the "name" is the name of the cookie you are retrieving. This code won't work if the cookie doesn't actually exist.

If you want to display all cookies use:
Code: Select all
<?php
echo $_COOKIE;
 
Setting cookies:

When you set your cookie you must set it before the <html> in your web page.
Use the setcookie function.

Why you should use setcookie before <html>:
setcookie() defines a cookie to be sent along with the rest of the HTTP headers. Like other headers, cookies must be sent before any output from your script (this is a protocol restriction). This requires that you place calls to this function prior to any output, including <html> and <head> tags as well as any whitespace.
The syntax of setcookie is: setcookie(name, value, expire, path, domain);

Let's now set the cookie
Code: Select all
<?php
setcookie("theme", "default", time()+86400);
?>

<html>
<!-- Now put everything else in here, like..your web page :P -->
Our cookie is named "theme" and it's value is "default" and will expire in 24 hours time. The 86400 is seconds, so we add 24 hours on the current time, and that is when our cookie will expire.

1 week:

time()+604800

Deleting cookies:

It's kind of strange as to how we delete the cookies, but all we do is set the expiry time to a time that's already passed.
Code: Select all
setcookie("theme", "", time()-3600);
 
3600 is 1 hour, we set our cookie 'theme' to expire 1 hour ago, and there, the cookie is gone.

If I wasn't clear on something or I've missed something let me know, and of course if you liked the tutorial +rep :) If you need any help or have any questions leave a reply to the thread.

Thanks!
My name is Tom | Visit my blog where I post new content every day! Tom's Daily Blog | MineCraft is awesome!
User avatar
Dummy1912
VIP - Donator
VIP - Donator
Posts: 1969
Joined: Sat Aug 21, 2010 2:17 pm

Re: PHP: Cookies
Dummy1912
hello #smashapps,

i never used cookies before i only eat them :lol:

so can you even write a cookie that contains a login and after some time you are signed out
by the cookie?

i love to see a cookie for that also :)

thanks

#Birthday
visit us on:


http://www.softpedia.com/get/System/Lau ... -Run.shtml
Check it out ! http://www.softpedia.com/publisher/I-A- ... 90017.html
Check it out ! http://www.softpedia.com/get/Desktop-En ... lock.shtml
User avatar
smashapps
Coding Guru
Coding Guru
Posts: 961
Joined: Tue Apr 05, 2011 8:41 am

Re: PHP: Cookies
smashapps
You could use cookies to store a login I don't see why not, maybe you could set them for an hour, just set the cookies when someone logs in. I normally use sessions for logins though.
My name is Tom | Visit my blog where I post new content every day! Tom's Daily Blog | MineCraft is awesome!
User avatar
Danny
VIP - Donator
VIP - Donator
Posts: 621
Joined: Sat Oct 30, 2010 8:21 pm

Re: PHP: Cookies
Danny
smashapps wrote:
You could use cookies to store a login I don't see why not, maybe you could set them for an hour, just set the cookies when someone logs in. I normally use sessions for logins though.
nah man, use sessions. that's more secure.
User avatar
comathi
Coding God
Coding God
Posts: 1242
Joined: Fri Mar 26, 2010 1:59 pm

Re: PHP: Cookies
comathi
But you can't store login information in a session long term, can you?
User avatar
smashapps
Coding Guru
Coding Guru
Posts: 961
Joined: Tue Apr 05, 2011 8:41 am

Re: PHP: Cookies
smashapps
no sessions are not long term and I don't think either are safe, nothing is safe!

sessions are probably not safe, maybe you could write something to use a mix of both cookies and sessions so if you want to be logged out after 3 days time you could do something like write a cookie for three days and if it is still valid then set the sessions, if the cookie is deleted then log the user out. The best part is the cookie won't need to storing the user's password maybe just an ID or something, since you're providing your user and pass the first time when you log in.

#Birthday
My name is Tom | Visit my blog where I post new content every day! Tom's Daily Blog | MineCraft is awesome!
User avatar
XTechVB
VIP - Site Partner
VIP - Site Partner
Posts: 727
Joined: Thu May 20, 2010 10:32 am

Re: PHP: Cookies
XTechVB
smashapps wrote:
no sessions are not long term and I don't think either are safe, nothing is safe!

sessions are probably not safe, maybe you could write something to use a mix of both cookies and sessions so if you want to be logged out after 3 days time you could do something like write a cookie for three days and if it is still valid then set the sessions, if the cookie is deleted then log the user out. The best part is the cookie won't need to storing the user's password maybe just an ID or something, since you're providing your user and pass the first time when you log in.

#Birthday
Sessions are stored on the server, there for are safe to use in login systems, PhpBB, Wordpress, Joomla, Drupal etc.., they all use sessions.
Cookies are only used to provide links to the stored sessions on the server. And NEVER to hold usernames, emails, passwords, or any other sensitive information.
#smashapps You should do some research before declaring that sessions are not safe. They're light-years more safe then cookies.
Last edited by XTechVB on Thu Jul 17, 2014 2:11 pm, edited 2 times in total.
You can find me on Facebook or on Skype mihai_92b
User avatar
comathi
Coding God
Coding God
Posts: 1242
Joined: Fri Mar 26, 2010 1:59 pm

Re: PHP: Cookies
comathi
Weird, I was under the impression sessions stored on a server were destroyed as soon as the user left the page... I might be thinking of something else, or just really misinformed :lol:
User avatar
XTechVB
VIP - Site Partner
VIP - Site Partner
Posts: 727
Joined: Thu May 20, 2010 10:32 am

Re: PHP: Cookies
XTechVB
comathi wrote:
Weird, I was under the impression sessions stored on a server were destroyed as soon as the user left the page... I might be thinking of something else, or just really misinformed :lol:
Ok let me explain.
Every time you create a session in php, it gets stored on the server, and at the same time a cookie is created locally holding a link to that session (the session id).
So when revisiting a restricted page after you logged-in, php gets the session id stored on the locally created cookie, and tries to find the session on the server with that number. If the session is found then you'll get access to the restricted page without having to re-login.
You can find me on Facebook or on Skype mihai_92b
User avatar
smashapps
Coding Guru
Coding Guru
Posts: 961
Joined: Tue Apr 05, 2011 8:41 am

Re: PHP: Cookies
smashapps
I know they're safe they are stored on the server and each session has it's own unique ID etc. I was joking about something off-topic kind of, nothing is safe :P
My name is Tom | Visit my blog where I post new content every day! Tom's Daily Blog | MineCraft is awesome!
14 posts Page 1 of 2
Return to “Tutorials”